A former juvenile probation officer in Orange County, Florida, is facing more than 500 years in prison after authorities say she used her lingering access to a sensitive court database to tip off a drug trafficking organization about upcoming police raids — including the existence of active, unserved arrest warrants.
The Orange County Sheriff’s Office made the arrest public through a post on X, complete with arrest footage. The suspect, Crystal Lawson, 32, had originally been granted access to the Comprehensive Case Information System — known as CCIS — when she was hired by the Florida Department of Juvenile Justice as a probation officer in February 2022.
That’s where the story takes a troubling turn.
As originally reported, Lawson was terminated from that position later in 2022 after she was arrested on a battery charge. However, no one cut off her access to the database. That oversight would prove costly.
Between January and May of 2026, Lawson allegedly accessed the CCIS database 106 times — not out of professional necessity, but to dig up active criminal case information on behalf of a drug trafficking organization that was already under active investigation by law enforcement.
What she allegedly found, she shared. According to the sheriff’s office, Lawson was able to identify multiple unserved arrest warrants, locate co-defendants connected to the criminal case, and pass that sensitive information directly to members and associates of the organization.
The consequences were real and immediate. The leaked intelligence allowed members of the group to destroy evidence, shield assets from recovery, and in at least one case, flee the area entirely before investigators could move in for an arrest.
The sheriff’s office didn’t mince words in describing the damage: “These leaks resulted in lost evidence, unrecovered assets, and at least one flight to avoid arrest.”
Lawson now faces 113 felony counts of Computer Crimes — Unauthorized Access. Each count carries a maximum sentence of five years in prison, which puts her potential exposure at well over 500 years behind bars.
The case raises serious questions about how access credentials are managed when government employees are terminated — particularly those with access to sensitive law enforcement databases. A simple administrative failure to revoke database access apparently gave a fired employee the tools to undermine an active criminal investigation for months.
For law enforcement, the arrest is a win. But the damage already done — fled suspects, lost evidence, compromised operations — is a sobering reminder of just how much harm an insider threat can cause before anyone notices.