Man Accidentally Infects Ohio Hospital with Spyware – Was Meant for Girlfriend’s Home Computer and She Opened Her Yahoo Mail at
Posted Sep 18 2009 10:20pm
This is a real neat story here, the man wanted to spy on his girlfriend, sends the attachment to her Yahoo mail, which she opens at work and not at home on her own computer….well now we have spyware on the hospital network. I am surprised too that some type of monitoring software didn’t catch it as well. I have this security discussion with physicians all the time at their offices and they don’t seem to take it seriously. In one office I had to reformat a computer twice (same employee) due to a bot infection a few years ago, and the second time I had everything pretty well locked down but it was a peer to peer network and not a server, thus reliance on the router security and other software was needed and the bot worked around it. Now it has Steady State from Microsoft and no problems since!
Well if one finds a need to have to participate in spying, best you do it in another fashion as he could get 5 years in jail and gee, how long did he sit and there and spy, no word on how long it took before he was found out either. I have found in the past a LimeWire on hospital PCs and I’m not even the IT person, but when you are sitting there and notice the software you have to at least tell the employee it is not good and should be removed as well as informing the IT Department before you leave. BD
A 38-year-old Avon Lake, Ohio, man is set to plead guilty to federal charges after spyware he allegedly meant to install on the computer of a woman he'd had a relationship with ended up infecting computers at Akron Children's Hospital. In late February 2008, Scott Graham shelled out US$115 for a spyware program called SpyAgent and sent it to the woman, according to a plea agreement filed in the US District Court for the Northeastern District of Ohio. He allegedly sent the spyware to the woman's Yahoo email address, hoping that it would give him a way to monitor what she was doing on her PC. But instead, she opened the spyware on a computer in the hospital's pediatric cardiac surgery department, creating a regulatory nightmare for the hospital.
Between March 19 and March 28 the spyware sent more than 1,000 screen captures to Graham via email. They included details of medical procedures, diagnostic notes and other confidential information relating to 62 hospital patients. He was also able to obtain email and financial records of four other hospital employees as well, the plea agreement states.