Cybersecurity firm executive pleads guilty to hacking hospitals

The former chief operating officer of a cybersecurity company has pleaded guilty to hacking two hospitals, part of the Gwinnett Medical Center, in June 2021 to boost his company's business. Vikas Singla, who worked for Securolytics, a network security company that provided services to the healthcare industry, pleaded guilty to hacking into the systems of GMC Northside Hospital hospitals in Duluth and Lawrenceville, as prosecutors said in a June 2021 indictment. During his attack on September 27, 2018, he disrupted the health provider's phone and network printer services, and he stole the personal information of more than 200 patients from a Hologic R2 Digitizer digitizing device connected to a mammogram machine on GMC's Lawrenceville hospital. On the same day, Singla used over 200 printers in the GMC hospital in Duluth to print stolen patient information and "WE OWN YOU" messages. "The Defendant attempts to create and use publicity about the attack, including by causing the publication of information obtained without authorizations from the Digitiaze, to generate business for Securolytics," the guilty plea reads. Singla "Promoted" the GMC hack on Twitter, tweeting the names, dates of birth, and sexes of 43 patients whose data had been stolen in the breach. Securolytics also reached out potential clients after Singla's attack, highlighting the GMC incident in the emails. "This cyberattack on a hospital not only could have had disastrous consequences, but patient's personal information was also compromised," said Chris Hacker, Special Agent in Charge of FBI Atlanta. "The FBI and our law enforcement partners are determined to hold accountable, those who allegedly put peoples health and safety at risk while driven by greed." Singla was charged with 17 counts of intentional damage to a protected computer and one count of obtaining information from a protected computer. Prosecutors say that the defendant's attack on GMC's ASCOM phone system, printers, and digitizer resulted in more than $817,000 in financial losses. He has now agreed to pay over $817,000 plus interest in restitution to the Northside Hospital Gwinnett in Lawrenceville and the Ace American Insurance Company as part of the plea deal. The prosecutors will recommend a sentence of 57 months probation, including home detention, based on Singla being diagnosed with "a rare and incurable form of cancer" and "a potentially dangerous vascular condition," which warrant "Home detention as an alternative to incarceration" so that the defendant can receive appropriate medical care. The judge can impose a maximum term of imprisonment of 10 years during the sentencing hearing scheduled for February 15, 2024. TransForm says ransomware data breach affects 267,000 patients. SEC sues SolarWinds for misleading investors before 2020 hack. Cyberattack on health services provider impacts 5 Canadian hospitals. PJ&A says cyberattack exposed data of nearly 9 million patients. Pharmacy provider Truepill data breach hits 2.3 million customers.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to Cybersecurity firm executive pleads guilty to hacking hospitals

Capital Health Hospitals hit by cyberattack causing IT outages - Capital Health hospitals and physician offices across New Jersey are experiencing IT outages after a cyberattack hit the non-profit organization's network earlier this week. The healthcare system manages two hospitals, an outpatient facility in ...
1 year ago Bleepingcomputer.com
Hospitals Must Treat Patient Data and Health With Equal Care - COMMENTARY. Hospitals are in the crosshairs: As collectors of some of the most personal and sensitive data available, hospitals are a prime target for hackers and cyberattacks. Patient data needs to be treated with as much care and sensitivity as the ...
11 months ago Darkreading.com
Encouraging Ethical Hacking Skills in Students - This article delves into the significance of encouraging ethical hacking skills in students and the numerous benefits it offers to individuals and society as a whole. Possessing ethical hacking skills can provide students with a competitive advantage ...
1 year ago Securityzap.com
Cyberattacks on Hospitals Are Likely to Increase, Putting Lives at Risk, Experts Warn - Cybersecurity experts are warning that hospitals around the country are at risk for attacks like the one that is crippling operations at a premier Midwestern children's hospital, and that the U.S. government is doing too little prevent such breaches. ...
10 months ago Securityweek.com
Cybersecurity firm executive pleads guilty to hacking hospitals - The former chief operating officer of a cybersecurity company has pleaded guilty to hacking two hospitals, part of the Gwinnett Medical Center, in June 2021 to boost his company's business. Vikas Singla, who worked for Securolytics, a network ...
1 year ago Bleepingcomputer.com
SW Ontario hospitals confirm patient data compromised in cyberattack - As the fallout from last week's cyberattack against five southwestern Ontario hospitals continues to spread, the organizations confirmed Tuesday that patient information was stolen and they now fear the blackmailers might publish it online. TransForm ...
1 year ago Windsorstar.com
Hospitals ask courts to force cloud storage firm to return stolen data - Two not-for-profit hospitals in New York are seeking a court order to retrieve data stolen in an August ransomware attack and now stored on the servers of a Boston cloud storage company. Carthage Area Hospital and Claxton-Hepburn Medical Center have ...
11 months ago Bleepingcomputer.com
Fortinet Contributes to World Economic Forum's Strategic Cybersecurity Talent Framework - Shining a light on the cybersecurity workforce challenge, the World Economic Forum recently published its Strategic Cybersecurity Talent Framework, which is intended to serve as a reference for public and private decision-makers concerned by the ...
7 months ago Feeds.fortinet.com
Ardent hospital ERs disrupted in 6 states after ransomware attack - Ardent Health Services, a healthcare provider operating 30 hospitals across six U.S. states, disclosed today that its systems were hit by a ransomware attack on Thursday. It had to take its entire network offline, notify law enforcement, and hire ...
1 year ago Bleepingcomputer.com
LockBit targets hospitals - We did not see much research released on ransomware this week, with most of the news focusing on new attacks and LockBit affiliates increasingly targeting hospitals. These attacks include ones against Yakult Australia and the Ohio Lottery by the new ...
11 months ago Bleepingcomputer.com
HHS proposes new cybersecurity requirements for hospitals through HIPAA, Medicaid and Medicare - The United States Department of Health and Human Services said it is planning to take a range of actions in an effort to better address cyberattacks on hospitals, which have caused dozens of outages across the country in recent months. First reported ...
1 year ago Therecord.media
Student Cybersecurity Clubs: Fostering Online Safety - Student cybersecurity clubs are playing a crucial role in promoting online safety among students. Student cybersecurity clubs play a vital role in this regard, as they provide a platform for students to learn about the latest threats, share best ...
11 months ago Securityzap.com
Feds cough up 'voluntary' cybersecurity goals for hospitals The Register - Plus, you're going to be in for a world of hurt when new regulations - which will very likely mirror these voluntary practices - take effect, according to Taylor Lehmann, a director in Google Cloud's Office of the Chief Information Security Officer. ...
10 months ago Go.theregister.com
How Hospitals Can Help Improve Medical Device Data Security - COMMENTARY. Hospitals and medical device manufacturers must team up to help create a secure environment to protect the personal health information derived from patient monitors and other medical devices. For some time, this notion of shared ...
10 months ago Darkreading.com
Cybersecurity Training for Business Leaders - This article explores the significance of cybersecurity training for business leaders and its crucial role in establishing a secure and resilient business environment. By examining the key components of effective training programs and the ...
10 months ago Securityzap.com
How to become a cybersecurity architect - Cybersecurity architects implement and maintain a comprehensive cybersecurity framework to protect their company's digital assets. The cybersecurity architect position is a fundamental role that all organizations need, said Lester Nichols, director ...
5 months ago Techtarget.com
Growing threats outpace cybersecurity workforce - The cybersecurity skills shortage threatens the well-being and even survival of numerous businesses as cybersecurity threats grow more numerous, sophisticated, and dangerous to the point that cybersecurity groups have vowed not to pay ransom demands. ...
10 months ago Legal.thomsonreuters.com
Cybersecurity M&A Roundup: 34 Deals Announced in November 2023 - Thirty-four cybersecurity-related merger and acquisition deals were announced in November 2023. Network security firm AMYNA Systems has acquired EPL Advisors, which specializes in strategy consulting, investor relations, fund raising, and early ...
1 year ago Securityweek.com
Beyond Mere Compliance - Too often we continue to see executives whose approach to cybersecurity - compliance rather than protection - is strikingly similar to that of the ill-advised business owner whose minimal fire protection is designed only to meet the building code. ...
11 months ago Cyberdefensemagazine.com
Cybersecurity Curriculum Development Tips for Schools - With the constant threat of cyber attacks, schools must prioritize the development of a robust cybersecurity curriculum to equip students with the necessary skills and knowledge. This article provides valuable insights and tips for schools aiming to ...
11 months ago Securityzap.com
The Importance of Cybersecurity Education in Schools - Cybersecurity education equips students with the knowledge and skills needed to protect themselves and others from cyber threats. Cybersecurity education can teach students about the impact of cyberbullying, how to prevent it, and how to respond ...
1 year ago Securityzap.com
What is the NIST Cybersecurity Framework? Definition from SearchSecurity - The NIST Cybersecurity Framework provides guidance on how to manage and reduce IT infrastructure security risk. NIST created the CSF to help private sector organizations in the United States develop a roadmap for critical infrastructure ...
11 months ago Techtarget.com
Trickbot Malware Developer Pleads Guilty - A 40-year-old Russian national, Vladimir Dunaev, pleaded guilty for developing and deploying Trickbot malware. Trickbot, a suite of malware tools, targeted hospitals and businesses, causing millions in losses. Trickbot is a sophisticated modular ...
1 year ago Gbhackers.com
Cybersecurity and Infrastructure Security Agency Reports Minimal Impact of Killnet Distributed Denial of Service Attacks on American Hospitals - The Cybersecurity and Infrastructure Security Agency (CISA) reported that it had assisted numerous hospitals in responding to a series of distributed denial-of-service (DDoS) attacks last week, which were launched by a pro-Kremlin hacking group known ...
1 year ago Therecord.media
Law Firms and Legal Departments Get Singled Out For Cyberattacks - Cyberattackers are doubling down on their attacks against law firms and corporate legal departments, moving beyond their historical activity of hacking and leaking secrets to targeting the sector with financial attacks, such as ransomware and ...
1 year ago Darkreading.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)