Former NYC hospital employee receives 30-month sentence for hacking co-workers' email accounts

A former IT employee at a New York City-based hospital was sentenced to 30 months in prison for using malicious software programs to hack into numerous co-workers' email accounts, according to an Oct. 2 news release from the Department of Justice. 

Richard Liriano pleaded guilty last December to one count of computer fraud relating to the ongoing scheme, which he engaged in between 2013-18. Mr. Liriano used malicious programs, such as keyloggers, on dozens of fellow employees' computers at the unnamed hospital. 

Mr. Liriano stole usernames and passwords for at least 70 email accounts belonging to hospital employees, costing the hospital more than $350,000 in losses. He used the stolen credentials to hack into employees' online accounts, which stored personal photographs, videos and private documents including tax records. 

"[Mr.] Liriano's disturbing crimes not only grossly violated the privacy of his coworkers but jeopardized the integrity of computers housing vital healthcare and patient information, costing his former employer hundreds of thousands of dollars to remediate," Acting U.S. Attorney Audrey Strauss said in the news release. 

In addition to the two and a half-year prison sentence, Mr. Liriano was ordered to pay restitution of $351,850. 

More articles on cybersecurity: 
'We're not going to solve this through magical thinking': What hospitals need to combat cyber threats
Michigan hospital email phishing attack exposes 26,861 patients' info: 4 notes
Georgia hospital employee framed in HIPAA violation scheme

© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Whitepapers

Featured Webinars