Maryland Man Indicted on Unauthorized Computer Access Related to a Maryland Medical System and Identity Theft Charges

Baltimore, Maryland - A Maryland man is facing federal indictment stemming from an unauthorized computer access scheme involving a Maryland medical system.

Matthew Bathula, 41, of Clarksville, is charged with two counts of unauthorized access to a protected computer, and one count of aggravated identity theft while working as a pharmacy clinical specialist for Company A, a medical system located in the District of Maryland.

Kelly O. Hayes, U.S. Attorney for the District of Maryland, announced the indictment with Special Agent in Charge Jimmy Paul, FBI Baltimore Field Office.

"Bathula's alleged actions are a reprehensible invasion of privacy. He betrayed the trust of his employer and co-workers, as he gained access into the private worlds of nearly 200 victims without their knowledge or consent," Hayes said. "We, along with our law-enforcement partners, are committed to holding individuals accountable who commit cybersecurity crimes, thereby harming unsuspecting people."

"Matthew Bathula is accused of weaponizing technology to spy on hundreds of unsuspecting victims for eight years," Paul said. "I am proud of the swift and thorough response by FBI Baltimore's team of investigators who handled this case with urgency, care, and sensitivity. They worked diligently to identify and notify each of the 195 victims, who are located around the country, in just four months. The FBI will always investigate, pursue, and hold accountable those who hide behind screens and keyboards to exploit and violate the privacy of others."

According to the indictment, between July 2016 and September 2024, Bathula intentionally accessed Company A computers without authorization and obtained information from protected computers. Through this unlawful access, Bathula obtained victims' usernames, passwords, cookies, images, videos, and other data.

Bathula also used various cyber intrusion techniques - such as keylogging, cookie managers, mailbox-rule creation, and file masquerading - to obtain access to personal and professional accounts of people who were current or former employees, in a relationship with a current or former employee, and others affiliated with Company A. This enabled Bathula to access victims' online services such as Google Photos, iCloud Photos, Gmail, and Microsoft 365, and social media accounts. Additionally, the mailbox rule Bathula created automatically deleted incoming emails with the subject heading Critical Security Alert. This rule prevented Company A cybersecurity personnel from knowing their accounts were compromised.

Bathula's repeated exportation of browser cookies allowed him to import cookies into an internet browser and access victims' accounts on other devices without their authorization. This enabled Bathula to maintain unauthorized access to victims' accounts on his personal electronic devices from locations outside of Company A's network.

Additionally, between February 2023, and continuing through July 2024, Bathula installed a spyware software program on one or more of Company A's computers. Through using the software, Bathula conducted video surveillance of people present at Company A, and recorded victims without their consent, including people engaged in breast pumping.

An indictment is not a finding of guilt. Individuals charged by indictment are presumed innocent until proven guilty at a later criminal proceeding.

If convicted, Bathula faces up to 10 years in federal prison for unauthorized access to a protected computer (Company A), five years for unauthorized access to a protected computer (victims) and a maximum of two years for aggravated identity theft. By statute, the aggravated identity theft must run consecutive to any sentence imposed on Count Two. Actual sentences for federal crimes are typically less than the maximum penalties. A federal district judge determines sentencing after considering the U.S. Sentencing Guidelines and other statutory factors.

U.S. Attorney Hayes commended the FBI for its work in the investigation. Ms. Hayes also thanked Assistant U.S. Attorney Thomas M. Sullivan who is prosecuting the federal case.

For more information about the Maryland U.S. Attorney's Office, its priorities, and resources available to help the community, visit justice.gov/usao-md.

# # #