This post is also available in: heעברית (Hebrew)

In a strange and surprising turn of events, the former chief operating officer of the cybersecurity company admitted to hacking two US hospitals in an attempt to generate more business for the security firm he was working at.

Vikas Singla is a former chief operating officer at the network security firm “Securolytics”, and he recently pleaded guilty to hacking the systems of two Georgia-based hospitals belonging to the Gwinnett Medical Center.

The plea agreement reads that Singla’s actions resulted in a financial loss that was worth more than $817K for the Gwinnett Medical Center and that he had disrupted the hospital’s printers, phone systems, and Digitizer.

According to Cybernews, as part of the incident that occurred on September 27th, 2018, Singla disabled several hundred ASCOM phones used by the hospital staff, thus severely impacting the hospital’s work. That same day, the former chief operating officer also took several hundred patient names, dates of birth, and other data that was attached to a mammography machine. He later hijacked 200 printers in both hospitals and started printing the patient names that he stole, followed by a message reading “WE OWN YOU”.

The plea agreement states that Singla attempted to create and use publicity about the attack, which included causing the publication of information obtained without authorization from the Digitizer, to generate business for his company, Securolytics. Singla set up a Twitter account several days later to post dozens of messages claiming that Gwinnett Medical Center was hacked, and shared stolen patient details to prove his point.

When the attack was complete, Securolytics emailed potential clients using the Gwinnett Medical Center hack as an example.

Singla has reportedly agreed to pay over $817,000 in damages he caused to impacted hospitals.

This information was provided by Cybernews.