NEWARK – A former computer systems administrator for Medco Health Solutions, Inc. pleaded guilty today to planting a “logic bomb” in Medco’s computer systems that was designed to wipe out critical data stored on more than 70 servers, U.S. Attorney Christopher J. Christie announced.

During a plea hearing before U.S. District Judge Jose L. Linares, Yung-Hsun Lin a/k/a “Andy Lin,” 51, of Montville, N.J., admitted that while he was employed as a system administrator at Medco’s Fair Lawn office he modified existing computer code and added additional code designed to wipe out computer servers on Medco’s network. Lin admitted that he scheduled the code to “detonate” on his birthday.

Among the databases operated from the affected servers was a critical one maintained and updated regularly by Medco – a patient-specific drug interaction conflict database known as the Drug Utilization Review (DUR). Prior to dispensing medication, pharmacists routinely examined the information contained in the DUR to determine whether conflicts existed between or among an individual's prescribed drugs.

Lin pleaded guilty to one count of transmiting computer code with the intent of causing damage in excess of $5,000. He faces a maximum statutory penalty of 10 years in prison and a $250,000 fine. Judge Linares scheduled sentencing for Jan. 8.

“It is important to note that this prosecution could not have occurred without the cooperation of Medco, which brought Mr. Lin to our attention immediately after it uncovered his activities,” said Christie. “Unfortunately, the case also highlights the dangers posed by the occasional disgruntled, rogue employee who is well situated and able to cause such potential damage and disruption at a company.”

In addition to the DUR database, the Medco servers targeted by the logic bomb contained applications relating to clients' clinical analyses, rebate applications, billing, and managed care processing. Further, the servers handled new prescription call-ins from doctors and coverage determination applications, as well as numerous internal Medco applications, including the corporate financials, pharmacy maintenance tracking, web and pharmacy statistics reporting, and the employee payroll input.

Lin admitted that he first created the malicious computer code in October 2003, around the time Medco was being spun off from Merck & Co., and Lin feared that layoffs may affect him.

In September 2003, e-mails were circulated among Lin and others discussing the anticipated layoffs of Medco computer system administrators. Then, on Oct. 2, 2003, Lin created the logic bomb by modifying existing computer code and inserting new code into Medco’s servers. Part of the new computer code Lin programmed and inserted included a script designed to deploy the logic bomb automatically on April 23, 2004 – his birthday.

2
Lin kept the logic bomb in place after it failed to deploy on April 23, 2004, notwithstanding the fact that he was not laid off. Lin admitted that he then set the logic bomb to deploy on April 23, 2005.

On Jan. 1, 2005, a Medco computer systems administrator investigating a system error discovered the logic bomb embedded within other scripts on Medco’s servers, disguised in such a way as to make it difficult to discover. Medco information technology security personnel subsequently neutralized the destructive code.

Christie credited the Special Agents of the FBI, under the direction of Special Agent Weysan Dun, with the investigation of Lin’s conduct. Christie also credited Medco for its cooperation in the investigation.

The case is being prosecuted by Assistant U.S. Attorney Erez Liebermann of the U.S. Attorney’s Computer Hacking and Intellectual Property Section, and Marc Ferzan, Chief of the U.S. Attorney’s Commercial Crimes Unit.

end-

Defense Counsel: Kevin Marino, Esq., Newark