Dive Brief:
- The Department of Justice announced Tuesday that Timothy DeFoggi, a former acting director of cybersecurity at the U.S. Department of Health and Human Services, has been convicted on charges of child pornography.
- DeFoggi has been convicted of "engaging in a child exploitation enterprise, conspiracy to advertise and distribute child pornography and accessing a computer with intent to view child pornography." He faces sentencing in November.
- DeFoggi was an active member of a site run by an already-convicted administrator from March 2012 until the site was shut down by the FBI in December 2012. According to the DOJ, DeFoggi accessed and solicited child pornography through the site, as well as communicated with other members in private messages.
Dive Insight:
Details of the timeline overlap between DeFoggi's criminal behavior and his employment at HHS are not yet clear. However, a Tim DeFoggi appears in official HHS documents from 2010 and as recently as 2014. Specifically, in a 2010 document, Timothy DeFoggi is named as the Chief Information Security Officer at Indian Health Services, an HHS department that serves Native American and Alaskan Native peoples. An organizational chart in a 2014 HHS funding document describes Tim DeFoggi as the head of OS IT Security, a role in which he reported directly to the agency's CISO.