ROCHESTER, N.Y. (WROC) — A former Trillium Health employee is facing federal charges for allegedly hacking multiple coworkers — stealing nude and compromising photos, as well as personal information — federal officials announced Wednesday.
Federal prosecutors say 28-year-old Ameer Elashmawy, of Rochester, is charged with unauthorized access of a protected computer and identity theft. The charges carry a maximum penalty of five years in prison and a $250,000 fine.
According to a criminal complaint, Elashmawy was an Information Systems Security Support Coordinator at Trillium Health in Rochester, and was responsible for the company’s information system security design and oversight. Officials say Elashmawy also assisted employees with their various IT needs as they arose. He had administrative rights and could log onto other employee work accounts, but was not allowed to access personal accounts of employees or former employees.
Earlier this year, on January 2, a co-worker noticed unusual activity on Trillium Health’s network, and the IP address was traced back to Elashmawy. According to the criminal complaint:
“On January 6, 2020, Trillium Health contacted law enforcement and an investigation began into the defendant’s cyber intrusion into co-workers’ accounts. The investigation included a review of three USB thumb drives, an HP laptop computer, two work Dell PCs, a hard drive, and two Apple iPhones, and the suspect device. A preliminary review of the items identified that at least 14 identified victims, all employees from Trillium Health, had their personal accounts (social media, iCloud, etc.) compromised by Elashmawy. The data reviewed included personal explicit photos and videos of the victims as well as numerous photos of the victims’ driver’s licenses, credit cards, social security cards, and other personal data. During the course of the investigation and continued analysis of computer devices, it was learned that numerous employees or former employees of Trillium Health had been victimized by the defendant.
Over 20 employees at Trillium Health were interviewed by investigators and each employee described similar circumstances: The victims were issued laptops by Trillium Health. When an update or issue arose with their work computer, IT was contacted. Each of the interviewed victims had been assisted by the defendant. Accordingly, Elashmawy was given access to their computers to correct work-related issues. Each employee had accessed their personal social media, Google, or email accounts at one time or another from their work laptop, all of which were password protected. None of the victims (except for J.P.) provided the defendant with their passwords and none of the victims, including J.P., gave Elashmawy permission to access or download data from their personal password-protected accounts.
Employee J.P. was also interviewed. In spring 2019, J.P. asked Elashmawy to install Spotify on her cell phone and work laptop. The defendant indicated he needed access to each device. J.P. wrote her passwords for each on a sticky note and told him to destroy the note when he was finished. On December 21, 2019, J.P. received a security alert from Google indicating someone tried to login to her account from another device. She then changed her password. On January 6, 2020, J.P. saw multiple logins on Google and her Facebook account from a PC, which J.P. does not own.”
Officials say that as a result of Elashmawy’s alleged actions, Trillium Health has spent more than $100,000 to safeguard and protect its impacted employees.
Officials say Elashmawy made an initial appearance before U.S. Magistrate Judge Mark W. Pedersen and was released on conditions.