They shouldn't be using the equipment. One group is at a University, the other a bank/financial institution. They're tech support/networking, so able to do that, but bound to get caught at some point. Someone's gonna get too greedy, and/or make a mistake.

The question is, what can companies, academic institutions, and the like, do to prevent this ?

I should have kept my mouth shut, and kept this BTC to myself. And just made out that my online business was pulling in more money !