Kamlesh Patel Sentenced for Cyber Attack on Ex-Employer

Kamlesh Patel, 39, of Lowell, Massachusetts, is going to jail — not for armed robbery or assault, but for a cold, calculated digital sabotage that crippled multiple business networks. Patel was sentenced yesterday in U.S. District Court in Boston to 24 days in jail, one year of home detention, five years of probation, and ordered to pay $137,896 in restitution. His crime? Launching a malicious cyber attack against his former employer and three former clients — deleting critical data and bringing operations to a standstill.

Patel, once a senior network engineer at Baesis Inc. in Northborough, turned his technical expertise into a weapon after the company terminated his employment in October 2010. Using a former colleague’s stolen network credentials, Patel breached Baesis’ computer systems and wiped out their image server — a central hub that stored backup configurations for client networks. That single act erased vital infrastructure data, jeopardizing the operations of multiple businesses relying on Baesis for IT support.

The damage didn’t end there. Starting in late January 2011, Patel returned to the attack. Again exploiting the same compromised credentials, he infiltrated Baesis’ network and reached deep into the systems of three former clients. Armed with specialized software, he methodically deleted data across all four networks. The fallout was immediate: companies lost internet access, email systems collapsed, and one business was knocked off its internet phone system for weeks — a crippling blow in a modern economy.

Patel pleaded guilty in July 2016 to two federal counts: causing damage without authorization to internet-connected computers and using means of identification to commit the offenses. The charges reflect the severity of his actions — exploiting insider knowledge and stolen access to wage a digital vendetta. Federal prosecutors emphasized that Patel’s actions didn’t just cause inconvenience; they caused measurable financial and operational harm to multiple victims.

U.S. Attorney Carmen M. Ortiz and Matthew J. Etre, Special Agent in Charge of Homeland Security Investigations in Boston, announced the sentencing today. The investigation was a joint effort between federal authorities and Baesis, Inc., which cooperated fully in tracing the intrusions back to Patel. Assistant U.S. Attorney Seth B. Kosto of Ortiz’s Cybercrime Unit led the prosecution, underscoring the DOJ’s increasing focus on holding insider threats accountable.

Patel’s 24-day jail sentence may seem light for the damage inflicted, but the additional year of home detention and five years of probation send a message: cyber sabotage, especially by trusted insiders, will be met with federal consequences. At a time when corporate networks are under constant siege, the Patel case serves as a grim reminder — the greatest threats sometimes come from within.