Former Maryland Pharmacist Indicted Over 8-Year Cyber Spying Campaign
A former Maryland hospital pharmacist who is alleged to have engaged in a multi-year cyber spying campaign is facing up to 17 years in jail. Matthew Bathula, 41, of Clarksville, is alleged to have engaged in the spying campaign for more than 8 years between July 2016 and September 2024, during which time he intentionally accessed computers without authorization and used a range of cyber intrusion techniques to steal sensitive data, including installing keyloggers and cookie managers, file masquerading, and setting up mailbox rules to avoid detection.
According to the indictment, these techniques allowed Bathula to steal a range of sensitive data, including usernames, passwords, cookies, images, videos, and other sensitive data. The data obtained from his actions was used to spy on current and former employees, individuals in a relationship with current and former employees, and other individuals affiliated with his employer. Credentials were obtained for almost 200 victims, which were used to access their social media accounts, as well as Google Photos, Google Nest, iCloud Photos, dating apps, and Gmail and Microsoft 365 accounts. He also created mailbox rules to delete warning messages, such as Critical Security Alerts, to avoid detection. Since cookies were stolen, they allowed Bathula to maintain access to victims’ accounts on his personal devices that were not connected to his employer’s network.
Further, between February 2023 and July 2024, spyware was installed on one or more of his employer’s computers, allowing him to conduct video surveillance of people at work and record video content. That included accessing Internet-enabled cameras and using them to record videos of young doctors and medical residents pumping breastmilk in closed treatment rooms. He is also alleged to have used stolen credentials to access the home security systems of his victims, which included using those systems to record video footage of women breastfeeding, interacting with young children, and engaging in sexual acts with their partners.
Bathula has been charged with two counts of unauthorized access to a protected computer and one count of aggravated identity theft while working as a pharmacy clinical specialist for Company A, a medical system located in the District of Maryland. “Bathula’s alleged actions are a reprehensible invasion of privacy. He betrayed the trust of his employer and co-workers, as he gained access into the private worlds of nearly 200 victims without their knowledge or consent,” Hayes said. “We, along with our law-enforcement partners, are committed to holding individuals accountable who commit cybersecurity crimes, thereby harming unsuspecting people.”
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
If found guilty, Bathula faces up to 10 years in jail for the unauthorized access to a protected computer at Company A, up to five years for unauthorized access to victims’ protected computers, and up to two years for aggravated identity theft. The aggravated identity theft sentence will be consecutive to any other sentence imposed.
While Company A was not named in the indictment, Bathula was employed by the University of Maryland Medical Center (UMMC) as a clinical pharmacist. At least six current and former employees have taken legal action against UMMC over Bathula’s actions. The lawsuit, which was reported on by The HIPAA Journal in April 2025, asserted claims for negligence, negligent supervision and retention, negligent security, and intrusion upon seclusion-invasion of privacy. The lawsuit seeks a jury trial, compensatory, exemplary, and punitive damages, litigation expenses and attorneys’ fees, and injunctive and declaratory relief.
“At the University of Maryland Medical System, ensuring the safety of our patients and team members are the utmost priorities in everything we do. We extend our deepest gratitude to the agencies involved in this investigation for their tireless efforts in obtaining an indictment,” explained a UMMC spokesperson in a statement provided to The HIPAA Journal. “We remain deeply disappointed and angered by the actions of Matthew Bathula and we are appreciative that this individual – who violated not only the trust of his colleagues but many of the values and policies of our organization – is being held accountable. Mr. Bathula’s actions are counter to every single value we stand for, and we deeply regret the impact to all affected team members. We remain committed to supporting our UMMS community and continuing our cooperation with law enforcement.”
