The US Department of Justice has filed charges against Indian-origin Vikas Singla, a former cybersecurity official, for a cyber-attack on a hospital in the state of Georgia in 2018.
According to the indictment, Singla, 45, the chief operating officer of a metro-Atlanta network security company Securolytics that served the health care industry, allegedly conducted a cyberattack on Gwinnett Medical Center that involved disrupting phone service, obtaining information from a digitizing device, and disrupting network printer service.
Singla is charged with 17 counts of intentional damage to a protected computer, each of which carries a maximum penalty of 10 years imprisonment, and one count of obtaining information by computer from a protected computer, which carries a maximum penalty of five years imprisonment.
The indictment further alleges that the cyberattack was conducted partly for financial gain, the Justice Department said in a statement.
“Cyberattacks that target important infrastructure, like health care, pose a serious threat to public health and safety,” said Acting US Attorney Kurt R. Erskine for the Northern District of Georgia.
“In this case, Singla allegedly compromised Gwinnett Medical Center’s operations in part for his own personal gain.”
“This cyberattack on a hospital not only could have had disastrous consequences, but patients’ personal information was also compromised,” said Special Agent in Charge, Chris Hacker, of the FBI’s Atlanta Field Office.
The FBI is currently investigating this case.
According to media reports, the hospital probed a security breach in 2018 after some of its patients’ data started surfacing online.