The woman formerly responsible for managing Microsoft's Internet domain names has been sentenced to nearly two years in prison for bilking her employer out of US$1 million in fake registration fees.
Carolyn Gudmundson, 46, formerly a program manager at Microsoft's MSN division, pleaded guilty in January to charges that she used her position within the company to run a number of scams between 2000 and 2004.
On Friday, she was sentenced to 22 months in prison, followed by three months of supervised release, and ordered to pay US$923,641 in restitution.
According to court filings, Gudmundson used her corporate American Express card for domain-name registration fees, but would then submit copies of invoices that carried inflated charges. She also billed Microsoft for domain name registrations that had already been paid for by its Expedia online travel service. Microsoft sold off Expedia in 2001.
In another scam, she convinced a Microsoft contractor, Marksmen Inc., to send checks to her attention at Microsoft, claiming they were being used to repay a Microsoft employee, G.M. Lossman, for transferring domain names into Microsoft's control. Those checks were cashed in Gudmundson's mother's account, according to the U.S. Department of Justice.
At her sentencing, U.S. District Judge Ricardo S. Martinez suggested the sentence should serve as a deterrent to others. "Other employees who have similar opportunities to place their hands in the corporate till need to understand that society takes this sort of crime very seriously," he was quoted as saying in a Department of Justice press release.
Things could have been worse for Gudmundson. She had been facing up to 20 years in prison on the charges.
Gudmundson was also associated with Microsoft's notorious 1999 Hotmail outage, which knocked 60 million users offline. The outage happened when the passport.com domain, which was needed for logins to Hotmail, was not renewed. Gudmundson was listed as the Microsoft contact for that domain registration.