UMD contractor said he breached sensitive data, posted it online to call attention to security flaws
COLLEGE PARK, Md. (WJLA) - According to a report in the Baltimore Sun, the FBI is investigating a University of Maryland contract worker who says he breached employees' personal information and posted it online in order to call attention to security flaws that still existed in the school's data systems even after the massive data breach that occurred in February of this year.
David Helkowski told the Sun in an interview that he considers himself a whisleblower, not a criminal, because he tried to warn university officials months before the major data breach in February that exposed the personal information of more than 300,000 people.
Helkowski said he became frustrated when no one listened to his warnings, so he tried to take matters into his own hands.
Helkowski said he breached university files and exposed personal information including UMD President Wallace D. Loh's social security number and cellphone number, in order to alarm officials and get them to pay attention.
Helokowski explained that, while an employee at the Canton Group, he was contracted to work on the website for UMD's School of Public Health, which is when one of his virus scanners alerted him to a vulnerability that he followed, and eventually allowed him to access at least 80 supposedly-secure databases containing sensitive information.
Helkowski said he notified his employer, and even President Loh himself, before deciding to take action.
The FBI raided Helkowski's home last month.
To date, Helkowski has not been officially charged with any crime.