When millions of records containing personal data for current and former federal employees were stolen through the infamous U.S. Office of Personnel Management (OPM) breach in 2015, no one could have possibly anticipated the fall out, other than to predict it would be bad. Today’s fraud article suggests that a Bowie, Maryland woman used leaked information from the data security breach heard around the world to carry out an identity theft fraud scheme by targeting a federal credit union headquartered in Newport News, Virginia.
The Bowie, Maryland woman recruited multiple co-conspirators to participate in the scheme that targeted Langley Federal Credit Union (LFCU). The fraudster and her cronies submitted numerous online membership and consumer loan applications using the stolen identities of OPM data breach victims. (Unfortunately, the credit union did not vet the personal information received in the applications prior to approving the loans to see if the data had been stolen.)
Meanwhile, the multitude of applications for personal and vehicle loans were approved. LFCU disbursed the loan proceeds by mailing checks to people posing as vehicle sellers and by making transfers into the checking and savings accounts that resulted from the fraudulent applications. Then the funds were transferred to the accounts of others, which were the co-conspirators in this story. (And, we can assume that they all had a spending party.)
The 39-year-old female from Bowie, Maryland pleaded guilty to aggravated identity theft fraud and faces up to 30 years behind bars for her part in the scheme. (One of her previous co-conspirators has already pleaded guilty to identity theft fraud.)
This case is one of the first to make it through the justice system as a result of the 2015 OPM hack that is said to have affected more than 22 million federal employees, contractors and job applicants. A subsequent Department of Justice press release clarifies that investigators are still working on finding the ultimate source of the personally identifiable information (PII) used, although it is suggested in today’s article that the woman obtained the PII used from the OPM breach. (Many of the victims of the LFCU scam were also victims of the OPM breach, so it’s not exactly clear how the woman at the center of this case obtained the PII.)
The OPM breach was the hack heard around the world that has prompted a crackdown on cybersecurity practices across all sectors. While the government has taken many steps to prevent this type of incident from occurring again, it’s likely that bad actors will continue in their pursuit to victimize others by stealing their PII. (In fact, you might be next.) To protect yourself from the likelihood of a similar event happening to you and for direction on what to do in the event it has already happened, check out this valuable information listed on the Department of Justice website.
Today’s “Fraud of the Day” is based on an article entitled, “Federal workers’ stolen IDs used for fraudulent loans,” posted on WTOP.com on June 18, 2018.
WASHINGTON — A Bowie, Maryland, woman faces up to 30 years in prison after pleading guilty to using stolen Social Security numbers from the 2015 data breach at the Office of Personnel Management to obtain fraudulent loans from a credit union.
In 2015, millions of Social Security numbers of current and former federal employees were stolen from OPM.