Security News > 2020 > January > Hospital hacker spared prison after plod find almost 9,000 cardiac images at his home
A Stoke-on-Trent hospital administrator has avoided prison after hacking his NHS trust and helping himself to almost 9,000 heart scan images.
As part of the police caution he agreed not to access any IT system within the hospital, not to enter the hospital unless he was ill or visiting a patient, and not to contact hospital staff unless asked to by the HR department.
Crown prosecutor Paul Spratt told Stoke-on-Trent Crown court: "He made an error in March 2017 and was cautioned for accessing the hospital computer by a home computer. He had, in truth, not obtained any material of a sensitive nature at that time."
Spratt added: "The hospital's head of cyber security undertook some administrative work on the main computer system in December 2017. He found someone other than himself, or a registered person, had been able to gain access to the administrator rights of the computer when they should not have done. They achieved that by changing a password."*. In December 2017, the Royal Stoke's head of cybersecurity discovered that changed password, as related in a report of Moonie's sentencing.
Moonie's case has some similarities with that of Jet2 hacker Scott Burns, who was also sacked, held a grudge and was later caught logging back into his former employer's network.