Insider Threat: Former employee of medical packaging company sentenced to federal prison for disrupting PPE shipments
Christopher Dobbins has been sentenced to federal prison for hacking his former employer and sabotaging their electronic shipping records, causing more than $200,000 in damage and delaying the shipment of personal protective equipment (“PPE”) during the COVID-19 pandemic.
“As businesses worked to get PPE into the hands of those most in need of it, Dobbins chose to hack his former employer and maliciously interrupt that process,” said U.S. Attorney Byung J. “BJay” Pak. “His actions caused delays in the delivery of desperately needed equipment in the midst of a worldwide pandemic.”
“During the height of a world-wide pandemic this defendant disrupted the distribution of critical medical supplies to health care workers on the front lines of the battle,” said Chris Hacker, Special Agent in Charge of FBI Atlanta. “This swift and efficient result sends a message that anyone who puts the lives of American citizens at risk will be pursued and punished for their egregious behavior.”
According to U.S. Attorney Pak, the charges and other information presented in court: In early March 2020, Dobbins was terminated from his employment at a medical device packaging company. While employed at the company, Dobbins had administrator access to the computer systems containing the company’s shipping information. When his employment was terminated, he also lost his access to the company’s computer systems.
On March 26, Dobbins received his final paycheck from the company. Three days later, on March 29, 2020, he used a fake user account that he had previously created while still employed at the company to log into the company’s computer systems. He then conducted a computer intrusion that disrupted and delayed the medical device packaging company’s shipments of PPEs.
While logged in through the fake user account, Dobbins created a second fake user account and then used that second account to edit approximately 115,581 records and delete approximately 2,371 records. After taking these actions, Dobbins deactivated both fake user accounts and logged out of the system. The edits and deletions to the company’s records disrupted the company’s shipping processes, causing delays in the delivery of much-needed PPEs to healthcare providers.
Christopher Dobbins, 41, of Duluth, Georgia, has been sentenced to one year and one day in prison and ordered to pay restitution in the amount of $221,200. Dobbins was convicted on these charges on July 10, 2020, after he pleaded guilty.
This case was investigated by the Federal Bureau of Investigation.
Assistant U.S. Attorney Samir Kaushal prosecuted the case.
This case is part of Georgia’s Coronavirus (COVID-19) Fraud Task Force, aimed at better protecting the citizens of Georgia from criminal fraud arising from the pandemic. Formed by Georgia’s leading state and federal prosecutors, the task force serves to open channels of communication between partner agencies and more rapidly share information about COVID-19 fraud, while ensuring each fraud complaint is reported to the appropriate prosecuting agency. The task force member agencies include the Office of the Governor of Georgia, the Office of the Attorney General of Georgia, the U.S. Attorney’s Office for the Northern District of Georgia, the U.S. Attorney’s Office for the Middle District of Georgia, the U.S. Attorney’s Office for the Southern District of Georgia and the Prosecuting Attorneys’ Council of Georgia (PAC). Georgia’s three U.S. Attorneys, the Attorney General of Georgia, the Executive Counsel for the Governor’s Office and the PAC Executive Director serve on the task force. If you think you are a victim of a scam or attempted fraud involving COVID-19, contact the National Center for Disaster Fraud Hotline at 866-720-5721 or via email at www.justice.gov/DisasterComplaintForm.
Source: U.S. Attorney’s Office, Northern District of Georgia