The Industry’s Only SaaS-Delivered Enterprise DLP

Our unique approach to DLP allows for quick deployment and on-demand scalability, while providing full data visibility and no-compromise protection.

No-Compromise Data Protection is:

  • Cloud-Delivered
  • Cross Platform
  • Flexible Controls
DATAINSIDER

Digital Guardian's Blog

Former Healthcare Exec Sentenced for Sabotaging COVID-19 Supply Deliveries

by Chris Brook on Monday October 26, 2020

Contact Us
Free Demo
Chat

The ex-VP conducted an intrusion into his former employer’s package shipping system and delayed PPE essential to healthcare workers.

The former vice president of a healthcare company was sentenced last week, six months after he was charged with sabotaging electronic shipping records, something that ultimately wound up delaying shipments of the company’s personal protective equipment (PPE) in a pandemic.

The U.S. Attorney’s Office for the Northern District of Georgia announced in April that the ex-employee, Christopher Dobbins, had been charged after reportedly using a secret account to access his former company's computer system. It wasn’t until last Tuesday that he was sentenced for his malfeasance – one year and one day – and asked to pay a $221,200 restitution charge.

Dobbins previously pleaded guilty in July to a charge of reckless damage to a protected computer.

While the DOJ declined to name the healthcare company, Dobbins was previously the VP for Georgia-based Stradis Healthcare, LLC, a company that manufactures surgical packs and medical kits for acute care and large multi-practice facilities.

Stradis, for its part, confirmed in April that it was working with the FBI on the case and that employees and the assembly line had been working at full capacity during the man’s criminal activity. While the intrusion reportedly led to delays, the shipping of those key supplies eventually returned to full strength.

According to U.S. Attorney Byung J. “BJay” Pak, Dobbins lost his job in March and subsequently lost his access to the company's shipping information. He received his final paycheck on March 26 and while ordinarily that would mark the end of his interactions with his now ex-employer, three days later he used a fake user account he set up to login to the company’s computer systems, only to create another fake account. With that fake account he edited and deleted shipping records - he edited 115,581 records and deleted 2,371 records in total before deactivating both fake accounts and logging out, according to the DOJ.

Dobbins' actions threw the company's shipping processes into disarray, delaying PPE to healthcare providers that was obviously much needed. For context, Dobbins logged into his company's systems and disrupted supplies March 29, nearly three weeks after March 11, when the World Health Organization (WHO) declared the novel coronavirus (COVID-19) outbreak a global pandemic.
While the company would usually be able to deliver PPE on the same day, Dobbins' sabotage caused delays of 24 to 72 hours, according to the Associated Press.

“As businesses worked to get PPE into the hands of those most in need of it, Dobbins chose to hack his former employer and maliciously interrupt that process,” Pak told the AP last week. “His actions caused delays in the delivery of desperately needed equipment in the midst of a worldwide pandemic.”

Oddly enough, the case bears some similarities to another story, from last week, involving an IT administrator who was relieved from his job and used a "superuser" admin account after the fact to access company data. In that case, which involved the now defunct department store Century 21, the employee reportedly stole employee data from the company and tampered with its holiday payroll policy.

While some companies rely on a third-party portal to facilitate shipping. It sounds as if Stradis uses an in-house portal – the DOJ says Dobbins "logged in to the company’s computer systems" to disrupt the company’s shipping processes. It’s unclear if the company relied on any solutions to monitor employee activity or data manipulation and if such technologies could have minimized the impact of Dobbins’ sabotage.

Tags: Insider Threat

Recommended Resources


  • The seven trends that have made DLP hot again
  • How to determine the right approach for your organization
  • Making the business case to executives
  • Why Data Classification is Foundational
  • How to Classify Your Data
  • Selling Data Classification to the Business

Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.