Identity theft case seen as largest in U.S. history

US federal investigators have charged three men they say were involved in a massive identity theft scheme that spanned three years, involved more than 30,000 victims and, so far, has resulted in more than US$2.7 million in losses.

The scam is thought to be the largest in U.S. history, according to a statement issued by the U.S. Attorney's Office for the Southern District of New York.

The Federal Bureau of Investigation (FBI) has arrested Philip Cummings, who is alleged to have started the scam while he worked on the help desk at Teledata Communications Inc. (TCI), a company in New York that provides banks and other entities with computerized access to consumer credit reports from the three commercial credit history bureaus -- Equifax, Experian Information Solutions and Trans Union LLC.

Authorities said that beginning in 1999, Cummings, who worked at TCI until March 2000, had access to the passwords and codes used by TCI's customers to download consumer credit reports for business purposes. With these codes he was able to access credit reports for himself, authorities charged.

They also alleged that Cummings gave those passwords and codes to an unidentified co-conspirator and received US$30 for each credit report obtained using the stolen codes. That information was then passed on to at least 20 other people, authorities said. Cummings was still able to access the information after he left TCI, officials said.

In addition to Cummings, the FBI charged Linus Baptiste with wire fraud in connection to the case. They also arrested Hakeem Mohammed, who pleaded guilty to charges of mail fraud.

For proprietary and security reasons, the companies involved, including Ford Motor Credit and Teledata, would not comment on the security measures in place at the time of the alleged theft or the steps they might have taken to minimize any future risk. However, they did say they are cooperating with authorities in the investigation.

Analysts said that to guard against such theft, companies should follow a combination of common-sense high-tech, low-tech and no-tech security procedures.

On the high-tech end, companies should encrypt stored data so that even if an unauthorized person is able to access sensitive information, he wouldn't be able to make sense of it, according to Alan Brill, senior managing director of technology services at New York-based Kroll Inc., a security consulting company.

Low-tech security measures include checking for dead accounts and denying access to the network to anyone who has left the company.

"Companies probably remove those people from their e-mail accounts, but don't think to deny them access to the network," said John Pescatore, an analyst at Gartner.

As for low-tech measures, the analysts agreed that enterprises should always do background checks on potential employees, especially those with access to sensitive data.

Pescatore and Chris Rouland, director of X-Force at Internet Security Systems, said companies such as Ford and Washington Mutual Bank also had a responsibility to pay attention to the security procedures of their business partners, including insisting on periodic security audits and vulnerability assessments.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Linda Rosencrance

Computerworld
Show Comments

Cool Tech

Bang and Olufsen Beosound Stage - Dolby Atmos Soundbar

Learn more >

Toys for Boys

Nakamichi Delta 100 3-Way Hi Fi Speaker System

Learn more >

Sony WF-1000XM3 Wireless Noise Cancelling Headphones

Learn more >

ASUS ROG, ACRONYM partner for Special Edition Zephyrus G14

Learn more >

Family Friendly

Mario Kart Live: Home Circuit for Nintendo Switch

Learn more >

Philips Sonicare Diamond Clean 9000 Toothbrush

Learn more >

Stocking Stuffer

Teac 7 inch Swivel Screen Portable DVD Player

Learn more >

SunnyBunny Snowflakes 20 LED Solar Powered Fairy String

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?