A terminated government employee who kept access to a sensitive criminal justice database long after being fired has now found herself facing more than 100 felony charges.
Crystal Lawson, 32, a former juvenile probation officer in Orange County, Florida, was arrested this week after investigators accused her of using a statewide court database to warn members of an active drug trafficking organization about arrest warrants and other law enforcement activity.
According to the Orange County Sheriff’s Office, Lawson was hired by the Florida Department of Juvenile Justice in February 2022 and was granted access to Florida’s Comprehensive Case Information System, commonly known as CCIS. Later that year, she was terminated following a battery arrest. Authorities say her access to the database was never revoked.
Investigators allege that between January and May 2026, Lawson accessed the system 106 times to search active criminal cases involving members of a drug trafficking organization that was under investigation. Deputies say she located active arrest warrants, identified co-defendants, and leaked information to suspects and associates connected to the case. According to the Orange County Sheriff’s Office, the leaks resulted in lost evidence, unrecovered assets, and at least one suspect fleeing to avoid arrest before later being apprehended.
Former Employee Accused of Accessing Database More Than 100 Times
Lawson was booked into the Orange County Jail on 113 felony counts of unauthorized computer access and one count of unlawful use of a two-way communication device. Jail records show she was booked on June 18 by the Orange County Sheriff’s Office under case number 2026CF008561AO.
The allegations surfaced during a broader investigation into a drug trafficking organization led by Omyry Hickson. Investigators say they discovered Lawson’s activity while examining how members of the organization appeared to know about law enforcement actions before arrests could be carried out.
According to court filings and statements from investigators, Lawson allegedly searched for active warrants, monitored criminal cases, and provided information to people connected to the organization.
During a court hearing Friday, a judge denied a request to reduce Lawson’s bond. Her attorneys had asked the court to allow her release under conditions that would restrict her access to computers and the internet. WFTV reported that the request was denied.
Readers Focused Less on the Arrest and More on How She Still Had Access
While some readers debated the allegations themselves, the overwhelming reaction centered on a different question entirely: how a former employee allegedly retained access to a sensitive criminal justice database years after being terminated.
Many commenters said they were surprised that an account linked to a former employee could remain active for so long. Several who identified themselves as working in government, healthcare, corrections, and other regulated industries noted that access is typically revoked immediately upon an employee’s departure from the organization.
“Why was her access still active after termination?” was one of the most frequently asked questions throughout the discussion.
Others argued that whoever was responsible for removing Lawson’s credentials should also face scrutiny, while many pointed out that retaining access and using that access are two separate issues.
One commenter wrote, “Someone dropped the ball by not removing her access.”
Another added, “Most places deactivate everything before you even leave the building.”
A smaller group questioned whether investigators would be able to prove Lawson personally carried out every login, though others pointed out that modern systems maintain extensive audit logs that record who accessed records, when they were accessed, and what information was viewed.
There was also no shortage of gallows humor. Numerous readers joked that Lawson appeared to know about everyone else’s warrants except her own, while others quipped that she should have searched her own name before investigators arrived.
Regardless of where readers landed on the case, there appeared to be broad agreement on one point: the allegations have raised uncomfortable questions about how access to sensitive government databases is monitored, audited, and revoked after an employee leaves a position.
The Bigger Question
The criminal case against Lawson will ultimately focus on whether prosecutors can prove she improperly accessed and distributed protected information.
But the case has also highlighted a question that extends far beyond one defendant. Authorities say Lawson was terminated in 2022, yet her credentials allegedly remained active long enough for investigators to document more than 100 searches tied to an ongoing criminal investigation.
The Orange County Sheriff’s Office has not publicly explained how that happened, and officials have not announced whether any internal review of account management procedures is underway. For many readers, that unanswered question has become almost as noteworthy as the criminal allegations themselves.
Someone definitely dropped the ball. Her access should had been revoked before she departed the building the day she was terminated. The amount of damage she may cause will never be truly known. She should never walk free again. The department should take a very hard look at it’s processing and random audits of personal with access sensitive information.