"Cybersecurity Executive Pleads Guilty to Hacking Hospitals"

The chief operating officer (COO) of a US network security firm has recently pleaded guilty to compromising the IT systems of two hospitals in order to generate business for his company.  Securolytics executive Vikas Singla admitted hacking Gwinnett Medical Center (GMC) hospitals in Duluth and Lawrenceville, Georgia.  The incidents, which took place in September 2018, began when Singla modified the configuration files of GMC Duluth hospital’s ASCOM phone system, rendering over 200 handsets inoperable.  The Department of Justice (DoJ) noted that this disrupted the work of nurses and doctors who use the phones to coordinate “Code Blue” emergencies and other work.  The same day, Singla managed to steal personal information on over 300 patients from a password-protected Hologic R2 Digitizer, which was connected to a mammogram machine at the Lawrenceville hospital.  The DoJ noted that he also transmitted commands resulting in over 200 printers at both hospitals printing out the stolen personal information, interspersed with the message: “We Own You.”  On October 2, 2018, Singla then took to Twitter, posting 43 messages under an anonymous account claiming the hospitals were hacked and sharing some of the personal details he’d stolen.  The DoJ noted that after the attacks, Securolytics emailed potential clients offering its services and noting the recent attack on GMC.  His attacks are said to have caused over $800,000 in “financial harm” to the hospitals, which Singla will pay back plus interest in restitution.

 

Infosecurity reports: "Cybersecurity Executive Pleads Guilty to Hacking Hospitals"

Submitted by Adam Ekwall on