Cybersecurity CEO Arrested After Allegedly Installing Malware on Hospital Computers
In a shocking breach of trust that highlights the rising threat of insider attacks, the CEO of a cybersecurity firm has been arrested for allegedly installing malware on hospital computers. Jeffrey Bowie, the head of Oklahoma-based Veritaco, faces two felony counts under Oklahoma’s Computer Crimes Act following his arrest on April 14, 2025.
The incident has sent ripples through the healthcare community and cybersecurity industry alike, raising critical questions about the vulnerabilities posed by individuals who are supposed to defend against cyber threats — not create them.
Table of Contents
Allegations of a Disturbing Breach
According to court documents, the alleged attack took place on August 6, 2024, at St. Anthony Hospital, a major medical facility in Oklahoma City. Security footage reportedly captured Bowie wandering the hospital's corridors, trying to access various offices before finding two unattended computers. It is alleged that he then installed malware designed to covertly take screenshots every 20 minutes and send them to an external IP address.
When questioned by hospital staff, Bowie claimed he was visiting a family member undergoing surgery and needed to use a computer. However, a forensic investigation conducted by St. Anthony’s IT security team soon revealed the installation of unauthorized malicious software.
“On August 6, 2024, an unauthorized individual was identified accessing a hospital computer in an alleged attempt to install malware,” stated SSM Health, the healthcare system operating St. Anthony Hospital, in an official release. “Due to precautions in place, the issue was addressed immediately, and no patient information was accessed.”
Background on the Accused
Jeffrey Bowie, prior to founding Veritaco in August 2023, built a career in cybersecurity, working as a Senior Cyber Security Engineer at High Point Networks and holding several other security roles. Veritaco, described on LinkedIn as specializing in cybersecurity, digital forensics, and private intelligence, was a small firm with just a handful of employees.
The breach is especially alarming because Bowie, given his background, would have understood the full implications of planting malware inside a hospital — an environment where lives depend on the integrity and reliability of computer systems.
Potential Penalties and Ongoing Investigation
Under Oklahoma law, felony violations of the Computer Crimes Act can lead to serious consequences, including fines ranging from $5,000 to $100,000, imprisonment for up to ten years, or both. As of now, both the FBI and local law enforcement agencies are continuing their investigation into the case.
While no patient records were compromised thanks to swift action by hospital staff, the case serves as a stark reminder that insider threats can come from unexpected sources — even from those who are supposed to protect us.
Lessons for the Healthcare Sector
Healthcare institutions are already prime targets for cyberattacks due to the sensitive nature of the data they handle. This incident underscores the importance of robust physical security, strict access controls, constant monitoring, and rigorous vetting processes for anyone — even vendors and supposed experts — who come into contact with internal systems.
Organizations must maintain a "trust, but verify" mindset, ensuring that even highly credentialed individuals are not given unchecked access to critical infrastructure. In today's landscape, cybersecurity is not just about defending against outside attackers — the dangers from within can be just as real, and sometimes even more devastating.