Former New York Hospital Employee Charged With Compromising Coworkers’ Data

Nov. 19, 2019

A former employee of a New York City-based hospital has been charged with installing a malicious software program on dozens of his coworkers’ computers and obtaining unauthorized access to their data, according to a recent Department of Justice (DoJ) announcement.

On Nov. 15, Geoffrey S. Berman, the U.S. Attorney for the Southern District of New York, and William F. Sweeney Jr., Assistant Director-in-Charge of the New York Office of the FBI, announced that Richard Liriano, 33, of Bronx, N.Y., allegedly had installed a malicious software program known as a “keylogger” on dozens of his coworkers’ computers at a New York City area hospital, obtaining unauthorized access to his victims’ email, social media and other online accounts, and using that unauthorized access to steal private and confidential files.

Using his victims’ stolen credentials, Liriano, over about a one-year span, repeatedly compromised their password-protected online accounts, and pilfered their sensitive personal photographs and other private documents, the prosecutors’ statement alleged.

Liriano has been charged in three counts: with transmitting a program to a protected computer that intentionally caused damage, which carries a maximum sentence of 10 years in prison; with intentionally accessing a protected computer without authorization and recklessly causing damage, which carries a maximum sentence of five years in prison; and with aggravated identity theft, which requires a two year prison term to be served consecutive to any sentence imposed on the computer intrusion charges, according to the DoJ.

In its 2019 Data Breach Investigations Report, Verizon found that for the second year in a row the healthcare market was the only industry to show a greater number of insider attacks (59 percent) than external (42 percent).

A statement from Berman read, “Liriano allegedly used the access he gained through the malicious software to steal photos, tax records, and other personal information from his coworkers and people associated with them.  As information technology increasingly becomes an integral part of our workplaces, ensuring the integrity of those systems becomes even more critical.  The arrest of Liriano should serve as an error message to any information technology professionals seeking to capitalize on their trusted access to information:  As in this case, you will be caught and prosecuted.”

The maximum potential sentences are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendant will be determined by the judge.

Sponsored Recommendations

How Digital Co-Pilots for patients help navigate care journeys to lower costs, increase profits, and improve patient outcomes

Discover how digital care journey platforms act as 'co-pilots' for patients, improving outcomes and reducing costs, while boosting profitability and patient satisfaction in this...

5 Strategies to Enhance Population Health with the ACG System

Explore five key ACG System features designed to amplify your population health program. Learn how to apply insights for targeted, effective care, improve overall health outcomes...

A 4-step plan for denial prevention

Denial prevention is a top priority in today’s revenue cycle. It’s also one area where most organizations fall behind. The good news? The technology and tactics to prevent denials...

Healthcare Industry Predictions 2024 and Beyond

The next five years are all about mastering generative AI — is the healthcare industry ready?