WebMD is scrambling to obtain computer logs, scripts and other files of Internet service providers in a race to find "several defendants whose identities are not yet known" who clandestinely downloaded vast portions of its prized physician database, according to federal court filings in Georgia.
On Feb. 28, the Elmwood Park, N.Y.-based healthcare IT company, which is incorporated in Georgia, received permission by U.S. District Judge Clarence Cooper in Atlanta to obtain subpoenas and compel the production of ISP logs and other records within three days.
The company said in its motion for expedited discovery that "time is of the essence" since the information WebMD needs from third parties to identify and locate the defendants is "typically maintained for only a few days or weeks. Delay also could lead to further compromise" of its database, the company said.
"Internet hackers frequently conduct their illegitimate actions through bogus accounts with multiple Internet service providers and/or through multiple computers they have seized remotely in order hide their identities. WebMD therefore anticipates that it may need to pursue discovery through several layers of accounts and computers to obtain the information necessary to identify defendants," the motion for expedited discovery said.
WebMD filed suit Feb. 23 against "John Does one through ten," alleging violations of the Federal Computer Fraud Abuse Act, the Georgia Computer Systems Protection Act and state common law prohibitions against trespass and breach of contract. The suit alleges the unnamed defendants over the preceding month "scraped," or downloaded, "hundreds of thousands of pages" of proprietary WebMD information from an online WebMD database, specifically, its physician directory, "the most comprehensive, up-to-date directory of physicians practicing in the U.S." and "one of WebMD's most valuable assets," according to the complaint. The directory is compiled and updated by The Little Blue Book, a WebMD company.
WebMD says it sells the listings from its physician directory for specific metro areas in printed, CD and PDF formats.
Meyer said a WebMD technology operations team that regularly reviews utilization logs identified the breach. "Since it occurred we have taken appropriate technical action to minimize the chance of this happening in the future," she said.