In 2018, a criminal hacker known as “Lifelock” reached out to DataBreaches to share details about two healthcare entities that had not met his ransom demands. These entities were a dental practice in Menlo Park, California, and the Holland Eye Surgery & Laser Center in Michigan. The latter case drew more attention from DataBreaches due to its failure to notify the Health and Human Services (HHS) and the affected patients in 2016. A subsequent investigation by DataBreaches confirmed Lifelock’s allegations that the doctors were aware of the breach in 2016 but did not disclose it as mandated by HIPAA. A formal complaint was eventually lodged with HHS regarding this concealment1.
Lifelock’s attempt to seek revenge on his victims through media coverage was somewhat misguided. His attacks on medical practices during the same time period thedarkoverlord was attacking them, his long and insulting emails to victims, his obsession with getting paid even after two years, and other similarities to thedarkoverlord were striking, and DataBreaches even commented on that publicly. In 2019, agents from the FBI who were involved in investigating thedarkoverlord secured a search warrant and with local officials, raided Lifelock’s home in Idaho where he lived with his girlfriend. During the raid, they seized a number of devices and materials.
Lifelock, whose actual name is Robert A. Purbeck, was arrested and indicted in March 2021. He was not indicted for any of the attacks attributed to thedarkoverlord, nor was it alleged that he was connected to thedarkoverlord. The victims listed in the indictment include a medical clinic in Griffin, Georgia, the city of Newnan, a medical practice in Lake Grove, Georgia, and an orthodontist in Wellington, Florida. He was not indicted for either of the two breaches he had shared with DataBreaches in 2018.
Since 2021, Purbeck has filed multiple motions in Idaho, Georgia, and California to suppress evidence or reclaim devices. Three of his cases reached the appellate court. He also initiated civil lawsuits against those involved in the search, seizure, and arrest. Most of his motions have been unsuccessful, and his trial was set for May. However, on March 1, the docket indicated that a change of plea hearing has been set for March 19 at 11:00 AM in ATLA Courtroom 2106 before Judge Timothy C. Batten Sr.
It appears that it is all over but for the sentencing recommendations and negotiations before sentencing. There were 11 counts in the indictment:
- 18:1030(a)(2)(C), 1030(c)(2)(B)(i) and 1030(c)(2)(B)(iii) and Section 2 FRAUD ACTIVITY CONNECTED WITH COMPUTERS (1-3)
- 18:1030(a)(7)(B) and 1030(c)(3)(A) and Section 2 FRAUD ACTIVITY CONNECTED WITH COMPUTERS (4)
- 18:1343 and Section 2 FRAUD BY WIRE, RADIO, OR TELEVISION (5-8)
- 18:1029(a)(2) and (c)(1)(A)(i) and Section 2 PRODUCES/TRAFFICS IN COUNTERFEIT DEVICE
(9-11)
As part of any plea agreement, we will find out which charges have been dismissed. Purbeck will also need to admit his crimes and affirm that the charges are accurate and that the prosecution has sufficient evidence to prove them.
Purbeck’s criminal case does not necessarily affect the civil rights lawsuit he filed in Idaho. Most of the defendants in that case (Purbeck v. Wilkinson et al) have been dismissed, leaving two FBI agents from Georgia and Ada County, Idaho.
1 As far as DataBreaches knows, the investigation of that complaint may still be open.