Trust Betrayed: IT Company's COO Admits to Hacking for Financial Gain

Claim Your FREE Cybersecurity Risk Assessment for peace of mind before leaving the office.

Trust Betrayed: IT Company’s COO Admits to Hacking for Financial Gain

In a surprising news twist, the former Chief Operating Officer of Securolytics (a network security company servicing healthcare), Vikas Singla, has confessed to hacking two hospitals to promote his cybersecurity services and grow his own business.

These events raise critical questions about the need to verify and monitor IT professionals, even those we think we can trust implicitly. 

The Hospital Hacking Incidents 

Singla’s hacking campaign began in 2018 with manipulating the phone system at Gwinnett Medical Center hospital. By altering files, he disabled phones and networks, severely disrupting essential hospital functions, including emergency responses and daily coordination. 

Singla also managed to steal personal data from over 200 patients. As if this wasn’t enough, he assumed control over 200 printers at both hospitals, causing them to print stolen patient data alongside the message: “WE OWN YOU.”

The Unanticipated Publicity Stunt

Singla’s actions didn’t end with the hacks. He took to Twitter, operating under an anonymous identity, and claimed responsibility for the hospital breaches. To emphasize his point, he even disclosed some of the stolen personal data.

Then he reached out as his own company, Securolytics, to those patients who were hacked, attempting to get them as clients in order to boost business.

Consequences and Guilty Plea

Singla’s actions resulted in substantial financial losses, exceeding $817,000 for the hospital system. Singla has agreed to repay the $817,000 plus interest to the hospital as part of his 57-month probation plea bargain. His next trial takes place on Feb 15th 2024 where he may receive up to 10 years in jail.

The Vital Lesson: Verification in IT

This case serves as a stark reminder of the critical importance of scrutinizing and verifying the actions of IT professionals, even those we trust implicitly. Trust should never be a substitute for vigilance.

Here are some ways to verify IT professionals’ actions:

In the realm of cybersecurity, ethical conduct is paramount. Our industry must prioritize the security and privacy of our clients’ data above all else, steering clear of unethical shortcuts or attempts to gain an unfair advantage. 

When was the last time you verified if your current IT Team was doing what they should be? Schedule a FREE IT Assessment HERE to ensure that your IT partner is meeting your security, cost-efficiency, proactivity, and network update requirements. Trust is essential, but verification ensures the reliability of your IT services provider for your business’s peace of mind.