Geoffrey S. Berman, the United States Attorney for the
Southern District of New York, announced
that RICHARD LIRIANO pled guilty today to one count of computer fraud in
connection with his scheme to use malicious software programs, including a
program known as a “keylogger,” on dozens of his coworkers’ computers at a New
York City-area hospital, secretly obtaining user names and passwords to his
victims’ personal email and other accounts, and using that unauthorized access
to steal private and confidential files.
Using his victims’ stolen credentials, LIRIANO repeatedly compromised
their password-protected online accounts, and accessed their sensitive personal
photographs, videos, and other private documents. LIRIANO pled guilty earlier today in
Manhattan federal court before United States Magistrate Judge Kevin N. Fox.
U.S. Attorney Geoffrey S. Berman said: “To feed his voyeuristic curiosity, Richard
Liriano, an information technology professional at a New York hospital,
installed a “keylogger” on dozens of his coworkers’ computers and used other
unauthorized software to spy on and steal personal information from them. Liriano’s disturbing crimes not only invaded
the privacy of his coworkers; he also intruded into computers housing vital
healthcare and patient information, costing his former employer hundreds of
thousands of dollars to remediate. He
will now be held accountable for his actions.”
According to the allegations in the Information to which
LIRIANO pled guilty, a prior Indictment filed against LIRIANO, as well as
statements made during the plea and other proceedings in the case:
From at least in or about 2013, up to and including at least
in or about 2018, LIRIANO misused administrative access provided to him as an
information technology employee at a New York City-area hospital
(“Hospital-1”), to log in to employee accounts, and copy other employees’
personal documents, including tax records and personal photographs, onto his own
workspace computer for his own personal use.
To further his efforts to steal personal information from
Hospital-1’s employees, LIRIANO, without authorization, used various malicious
programs to steal the user names and passwords of his primarily female
co-workers. One of these programs was
known as a keylogger, which recorded and sent victim employees’ keystrokes to
LIRIANO, such as the usernames and passwords those employees entered to access
their personal web-based email accounts.
Through the course of this conduct, LIRANO stole usernames and passwords
for at least approximately 70 email accounts belonging to Hospital-1 employees
or persons associated with those employees (the “Compromised Accounts”).
LIRIANO then used those stolen usernames and passwords to
log in to the Compromised Accounts and obtain unauthorized access to other
password-protected email, social media, photographs, and online accounts to
which the Compromised Accounts were registered.
Among other things, LIRIANO conducted searches for sexually explicit
photographs and videos in the Compromised Accounts.
LIRIANO’s computer intrusions into Hospital-1’s computer
networks caused over $350,000 in losses to Hospital-1.
*
* *
LIRIANO, 33, of the Bronx, New York, was arrested on
November 14, 2019. LIRIANO pled guilty
today to one count of transmitting a program to a protected computer that
intentionally caused damage, which carries a maximum sentence of 10 years in
prison. The maximum potential sentence
in this case is prescribed by Congress and is provided here for informational
purposes only, as any sentencing of the defendant will be determined by the
judge.
LIRIANO is scheduled to be sentenced by U.S. District Judge
Lewis A. Kaplan on April 15, 2020, at 3:00 p.m.
Mr. Berman praised the investigative work of the Federal
Bureau of Investigation and thanked the New York City Police Department for its
assistance.
This case is being handled by the Office’s Complex Frauds
and Cybercrime Unit. Assistant U.S.
Attorney Vladislav Vainberg is in charge of the prosecution.
Posts
No comments:
Post a Comment