#DataScam : Software Engineer charged with deliberately deleting files, further remanded

COLOMBO (News 1st); The Software Engineer attached to Epic Lanka Technologies responsible for deleting files from the National Medicines Regulatory Authority server, was further remanded to the 25th of October 2021.

The Software Engineer identified as Pramodh Dilupa Ramanayake is charged with deliberately deleting over 11,000 files from the database of the National Medicines Regulatory Authority.

Colombo Chief Magistrate Buddhika Sri Ragala on Monday (18) ordered the Prison Superintendent to allow the Criminal Investigations Department to record statements from the suspect from tomorrow (19) to the 23rd of October from 9 AM to 4 PM daily, at the prison premises.

Senior State Counsel Jayani Wegodapola, appearing for the prosecution told the court that the Laptop, 3 mobile phones, and other electronic devices seized from the possession of the suspect, were handed over to the Digital Forensic Laboratory of the CID.

Forensic Investigations have revealed that the deletion of over 11,000 files NMRA files relating to medicines and medicinal drugs was not a mistake and was a deliberate act, the Attorney General’s Department told the Colombo Additional Magistrate’s Court on the 29th of September.

Earlier, Deputy Solicitor General Dileepa Peiris told the court that the suspect Software Engineer has deleted files from his residence for a period of five hours from 03:45 AM on the 09th of July 2021 to 10:24 AM the same day.

On the 8th of October 2021, Deputy Solicitor General Dileepa Peiris informed the court that the suspect Software Engineer had deleted the files for approximately seven hours.

He said the investigations had revealed that he was guided by a group of people including those from the National Medicines Regulatory Authority, and the Medical Mafia.

On the 3rd of May 2018, the National Medicines Regulatory Authority (NMRA) and Epic Lanka Technologies Private Limited (‘EPIC LANKA’) signed an agreement for a period of five years to provide and implement a document & workflow management system as a service for NMRA.

Accordingly, the NMRA, termed as the employer was required to provide the Lanka Government Network (LNG 2.0) connectivity and On-site security, among other processes.

In addition, Epic Lanka Technologies was to provide 78 laptops, one LED monitor, and 10 wireless Laser Printers to the NMRA, with multiple sources that have confirmed that the agreement is SaaS, or ‘Software as a Service’.

The NMRA, Epic Lanka, and the ICTA – the consultant had thereafter agreed on the Software Requirement Specification and concluded the process with a User Acceptance Test, where NMRA personnel had tested the system on-site in the presence of ICTA personnel.

The total contract price for the total period of 60 months was agreed at just over 29 Mill Rupees (Rs. 29,130,900/- i.e.- Rs. 485,515/- x 60). Until July 2021, for a period of 25 months, the service was delivered.

That is until the infamous #DataScam took place.

According to inside sources, the architecture of the system provided to the NMRA does not specify an ‘official data classification’.

Sources have confirmed that the system provided two storages, one main database and secondary attachments database or the file server.

The main database is where all sensitive data on medicines and medical products are placed, and it is designed to go into auto-backup at midnight daily. The secondary database (File Server) with a capacity of around two terabytes was designed for the uploading of attachments to the sensitive material in JPEG or PDF format, sources have confirmed.

The File Serve will also contain research material for medicines and medical products.

Sources told News 1st that the File Server is not a system agreed to have a backup, as it was designated to hold non-sensitive material and the matter was never flagged at the review meetings for the 25 months until July 2021.

During the first week of July 2021, the NMRA had called for an online support meeting and the requirement, accepted by Epic, was passed down to the team of engineers in charge of the system.

Sources have confirmed that two days later, the NMRA had sent a system message claiming the File Server was not visible and a system inquiry had revealed that the Folder designated as File Server was MISSING.

An internal inquiry into the incident had revealed that the ‘unnamed systems engineer’ had executed the NMRA support required and given a ‘DELETE Command’ to the system.

The Systems Engineer had executed the DELETE command during the weekend.

Sources confirmed that the engineer 'claimed' it was “a mistake” and he had deleted the Original File and not the Test File.