Let’s travel together.

Senior living hacker sentenced to 20 years for $27 million ransomware attack – News

(Credit: krisanapong detraphiphat / Getty Images)

A Canadian man linked to an international network of ransomware attacks affecting the senior living industry during the COVID-19 pandemic has been sentenced to 20 years in prison and ordered to forfeit $21.5 million.

Sebastien Vachon-Desjardins was part of the NetWalker hacker ring that extorted at least $27.6 million from dozens of businesses, healthcare providers, law enforcement and educational institutions all over the world. The Justice Department said the attacks specifically targeted the healthcare sector during the pandemic, taking advantage of the global crisis to extort victims.

Lorien Health Services, which provides assisted living, skilled nursing and rehabilitation services at nine locations in Maryland, was one of NetWalker’s alleged victims, as previously reported by McKnight’s Senior Living. The data breach in 2020 reportedly exposed the personal information of almost 48,000 residents. It included names, Social Security numbers, dates of birth, addresses, and health diagnoses and treatment information.

Lorien reported the matter to the FBI, notified potentially affected residents, and hired cybersecurity experts to aid in its response to the incident.

“The defendant in this case used sophisticated technological means to exploit hundreds of victims in numerous countries at the height of an international health crisis,” U.S. Attorney for the Middle District of Florida Roger B. Handberg said in a statement.

Vachon-Desjardins was extradited to the United States this spring after being arrested by Canadian authorities in January 2021 in Quebec. During a search of his home, Canadian law enforcement discovered and seized $742,840 in Canadian currency and 719 Bitcoin valued at $21.8 million at the time of seizure and $14.5 milion today.

He was indicted in February 2021 on conspiracy to commit computer fraud and wire fraud, intentional damage to a protected computer and transmitting a demand in relation to damaging a protected computer. 

In February, an Ontario court judge sentenced Vachon-Desjardins to seven years in prison after he pleaded guilty to five counts tied to 17 ransomware attacks between May 2020 and January 2021 in Canada amounting to $2.8 million. 

The charges included mischief and theft of computer data, extortion, payment of cryptocurrency ransoms and participating in the activities of a criminal organizations. Vachon-Desjardins also agreed to partial restitution, forfeiture of assets seized and a DNA order. 

A US court will determine Vachon-Desjardins’ restitution at a later date.

Comments are closed.