FBI Field Office Banner and link to homepage
Skip to Main Content

San Diego Home
Contact Us
Territory/Jurisdiction
About Us
• Our People & Capabilities
• What We Investigate
• Our Partnerships
• San Diego History
Press Room
Wanted by the FBI -
San Diego
In Your Community
FBI Jobs
Main FBI Website
Search FBI Website
 
Department of Justice Press Release
white spacer
For Immediate Release
June 9, 2008		 Karen P. Hewitt, United States Attorney
Southern District of California
(619) 557-5610


Man Sentenced on Federal Computer Hacking Charges

United States Attorney Karen P. Hewitt announced that Jon Paul Oson was sentenced today to serve more than five years’ imprisonment on federal computer hacking charges. Mr. Oson was convicted following a jury trial in August 2007 of two counts of intentionally damaging protected computers. The 63-month sentence imposed by the Honorable Thomas J. Whelan, United States District Judge, represents one of the longest sentences imposed for computer hacking in the United States. In addition to the custodial sentence, Oson was ordered to pay $144,358.83 in restitution to the Council of Community Health Clinics (CCC) and $264,979.00 in restitution to the North County Health Services Clinic (NCHS).

The evidence at trial established that, among other things, as summarized below, Oson deleted patient data of the NCHS clinic, which data were stored at the facilities of Oson’s former employer, the CCC, in San Diego. In addition to causing financial losses at CCC, NCHS, and other CCC member clinics, the deletion of the data caused patient care at NCHS to suffer.

According to court documents, Mr. Oson was employed as a network engineer and as technical services manager for the Council of Community Health Clinics from May 2004 until October 2005. CCC is a non-profit organization that provides a variety of services to its membership and consists of 17 community health clinics located in San Diego and Imperial counties. The largest member clinic is North County Health Services. NCHS, like the other member clinics of CCC, provides medical services to the poor, the uninsured, and the under-insured. NCHS used CCC’s information technology services to host and manage its Practice Management system. This software is used by NCHS for billing, scheduling of patient appointments, and tracking medical information of NCHS patients, including diagnosis, treatment plans, and case history. Mr. Oson’s resignation from CCC followed a performance evaluation that he perceived as negative.

The jury convicted Mr. Oson of accessing the CCC network without authority on December 23, 2005 and disabling the automatic process that created backups of the patient information for the NCHS database. The jury also found that on December 29, 2005, Oson attacked the CCC system again and systematically deleted data and software on several CCC servers, including the patient data for NCHS. In addition to attacking the NCHS servers at CCC, Oson deleted and attempted to delete data and software in several other CCC servers used by CCC and by other clinics.

This case was investigated by Special Agents assigned to the Cybercrime Squad of the San Diego Division of the Federal Bureau of Investigation.

Oson was taken into custody immediately following the imposition of sentence.

DEFENDANT Case Number: 06cr1875-W
Jon Paul Oson Chula Vista, California Age: 38

SUMMARY OF CHARGE
Two Counts - Title 18, United States Code, Section 1030(a)(5)(A)(i) - Intentionally Damaging
a Protected Computer.
Maximum Penalty: 10 years’ imprisonment and $250,000 fine per count

AGENCY
Federal Bureau of Investigation