The University of Maryland Medical Center (UMMC) is being sued by former and current employees over a security breach.
They are accusing a pharmacist working at the medical center of hacking computers so he could obtain personal and sensitive information.
According to the lawsuit, the suspect used a keylogger to obtain security information from UMMC computers. That way, he learned employees’ usernames and passwords and was able to access his victims’ accounts. Once logged in, he could download all kinds of sensitive information, including Social Security numbers, text messages, and even nude pictures.
Allegedly, the pharmacist targeted about 80 female co-workers in a nearly decade-long cyber-voyeurism and cyberstalking campaign. According to Steve Kelly, one of the attorneys who filed the lawsuit, the pharmacist installed spyware on at least 400 computers in clinics, treatment rooms, labs, and a variety of other locations at UMMC.
He spied on his victims using internet-connected cameras in their homes and workplaces. He would watch his victims breastfeed their babies, undress themselves, and even during intimate moments with their spouses. To avoid detection, the suspect would remotely turn off the green button on the cameras.
“Incredibly emotionally traumatic to learn that your iCloud could be hacked by somebody that you work with or that you could be surveyed in your home,” Cindy B. Morgan, an attorney with Grant & Eisenhofer, told CBS News.
The lawsuit suggests that UMMC is to blame for this data breach because of a breakdown of the hospital’s cybersecurity protocols. According to Morgan, “UMMC failed in every way possible to secure the data of their employees.”
If the medical center had implemented basic cybersecurity standards, the pharmacist wouldn’t have been able to install spyware and lay his hands on confidential information. The plaintiffs have called the security measures “woefully inadequate” and said the incident has destroyed their sense of security.
In a response, UMMC says it has been “deeply disappointed and angered” at the actions of the suspect.
“It’s our most sincere hope and expectation that the person alleged to have violated the trust of his colleagues and of our organization will be held accountable to the fullest extent of the law, which is why we have worked collaboratively over the past several months with the FBI and US Attorney’s Office who are engaged in an active criminal investigation,” UMMC states in a press release.
The medical center also expressed its “deepest regret and compassion” to those affected by the pharmacist’s actions.
Your email address will not be published. Required fields are markedmarked