UMMC sued after pharmacist allegedly hacked computers to spy on women

A pharmacist at the University of Maryland Medical Center (UMMC) has been accused of hacking hundreds of computers and, in some cases, using them to spy on women.

According to a class-action lawsuit, Matthew Bathula targeted at least 80 coworkers, most of whom were women working in various roles at the academic medical center. He allegedly recorded and took photos of the women through the cameras on the computers, watching them in some cases as they undressed and breastfed.

The lawsuit claims these incidents occurred both at home and at the facility. In some cases, Bathula also allegedly gained access to home security cameras inside the women’s residences.

He is also accused of using stolen passwords to access their personal emails, text messages, photo libraries and other sensitive information, effectively spying on them.

According to court documents, more than 400 devices were accessed over the span of a decade.

Listed as a defendant in the complaint, filed by the Grant & Eisenhofer law firm, is UMMC, which stands accused of lax security protocols that allegedly allowed Bathula to conduct his illegal voyeurism.

The plaintiffs claim the medical center discovered the misconduct in September 2024 but failed to notify the women. Lawyers claim they only learned the truth due to an ongoing investigation by federal authorities.

Bathula is no longer employed by UMMC and has not been criminally charged.

In a statement sent to WMAR-2 News, the hospital center said it is cooperating fully with the Federal Bureau of Investigation (FBI) and the U.S. Attorney’s office:

"The actions alleged in this matter run counter to every single value we stand for. At every level of our organization, we are deeply disappointed and angered at the actions of the individual at the center of this criminal investigation. It’s our most sincere hope and expectation that the person alleged to have violated the trust of his colleagues and of our organization will be held accountable to the fullest extent of the law, which is why we have worked collaboratively over the past several months with the FBI and US Attorney’s Office who are engaged in an active criminal investigation,” UMMC wrote.

“Healthcare organizations and the people who work in them have unfortunately in recent times become the victims of cyberattacks from threat actors, and we continue to take aggressive steps to protect our IT systems in this challenging environment. We understand the sensitivity of some of the information involved in this matter and extend our deepest regret and compassion to those affected by this individual’s actions,” it added.

Read the full report from WMAR-2 New at the link below.