Network security firm COO charged with medical center cyberattack

The former chief operating officer of Securolytics, a network security company providing services for the health care industry, was charged with allegedly conducting a cyberattack on Georgia-based Gwinnett Medical Center (GMC).

45-year-old Vikas Singla supposedly disrupted the health provider's Ascom phone service and network printer service and obtained information from a Hologic R2 Digitizer digitizing device in September 2018.

According to the US Department of Justice press release, Singla conducted the cyberattack partially "for purpose of commercial advantage and private financial gain" per the indictment.

"This cyberattack on a hospital not only could have had disastrous consequences, but patients' personal information was also compromised," said Special Agent in Charge Chris Hacker of the FBI's Atlanta Field Office. 

"The FBI and our law enforcement partners are determined to hold accountable, those who allegedly put people's health and safety at risk while driven by greed."

Facing many years in prison if found guilty

The Securolytics executive was charged with 17 counts of intentional damage to a protected computer, each of the counts carrying a maximum penalty of 10 years in prison.

He was also charged with one count of obtaining information by computer from a protected computer, which carries a maximum penalty of five years in prison.

"Criminal disruptions of hospital computer networks can have tragic consequences," added Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department's Criminal Division.

"The department is committed to holding accountable those who endanger the lives of patients by damaging computers that are essential in the operation of our health care system."

A Securolytics spokesperson was not available for comment when contacted by BleepingComputer earlier today.

According to multiple media reports, GMC investigated a security breach in 2018 after some of its patients' started surfacing online.

"Gwinnett Medical Center recently discovered a security incident. At this time, we are continuing to investigate the issue [...] I can confirm that patient care activities have not been impacted," a GMC spokesperson told ZDNet at the time.