« You MUST Own a Wireless Router - Reviews by PC Magazine | Main | Security Maxims »

October 02, 2009

Misdirected spyware infects Ohio hospital

Misdirected spyware infects Ohio hospital.

This is basically screen capture malware that was sent to a hospital employee's Yahoo e-mail account from a former boyfriend.

Between March 19 and March 28 the spyware sent more than 1,000 screen captures to Graham via e-mail. They included details of medical procedures, diagnostic notes and other confidential information relating to 62 hospital patients. He was also able to obtain e-mail and financial records of four other hospital employees as well, the plea agreement states.

As of the writing of this article, he was expected to plea guilty and pay a fine of $33,000 to the hospital, facing a possible maximum 5-year prison sentence.

Accountability and transparency?

Still [security expert] Howes faulted the hospital's IT staff for allowing someone to download spyware from Yahoo mail and install it on their systems. "That points to a security failing at that hospital, but then they aren't that different from 99% of companies out there," he said.

Remember when e-mail was supposed to be the killer app for the Internet?


blog comments powered by Disqus