Not all instances of data breach are the result of
sophisticated hackers and homemade viruses. While the media at large can paint
a stereotypical picture of those who expose personal digital information, the
truth is much less complicated—and much more concerning. As an article from PC
World demonstrates, amateur computer users with commercially available
software have just as strong a chance of exposing your personal identity information
as a seasoned hacker.
Late last year, Ohio resident Scott Graham purchased the
commercially available keylogging software SpyAgent and succeeded in convincing
a woman who he was interested in to install the program.
SpyAgent, by SpyTech Software, is designed for comprehensive
monitoring of activities on personal computers. The software is intended for
use by parents, spouses, employers and other cautious parties. However, as
Graham’s situation demonstrates, such programs can easily be misused.
Graham’s intention had been to coerce the women to install
SpyAgent in order to monitor her activity on her personal computer, but when
the woman used a more public work computer to explore the program, she
unknowingly infected the network at Akron Children’s Hospital. The program sent
more than 1,000 screenshots back to Graham, detailing medical examinations and
procedures, confidential information relating to 62 patients, and financial
records for four hospital employees.
Graham is expected to formally plead guilty to charges of
illegally intercepting electronic communications on September 30, but such an
exploitative situation demonstrates how easy it can be to expose personal identity
information, even from “protected” facilities such as a children’s hospital.