Oct 272014

Cassandra Nist reports:

Those who parked in the Willard Parking Garage on Friday, Oct. 24th and paid with a credit or debit card may have had their bank accounts breached.

Sources tipped off NewsChannel5 that federal workers inside the Anthony J. Celebrezze Federal Building received a memo from management Monday morning.

Bank accounts were reportedly breached after the workers paid their monthly parking fee on Friday via credit or debit cards.

Read more on NewsChannel5.

Oct 252014

There’s an update to a case previously noted on this blog.

A member of an international cybercrime, identity theft and credit card fraud conspiracy was sentenced yesterday to 21 months in prison for using information hacked from customer accounts held at more than a dozen banks, brokerage firms, payroll processing companies and government agencies in an attempt to steal at least $15 million from American customers, U.S. Attorney Paul J. Fishman of New Jersey announced.

Robert Dubuc, 41, of Malden, Massachusetts, previously pleaded guilty before U.S. District Judge Peter G. Sheridan to an information charging him with one count of wire fraud conspiracy and one count of conspiracy to commit access device fraud and identity theft. Judge Sheridan imposed the sentence today in Trenton federal court.

According to documents filed in the case and statements made in court:

Both Dubuc and Oleg Pidtergerya, 50, of Brooklyn, New York, were asked by leaders of the conspiracy to participate in a scheme to “cash out” bank accounts and pre-paid debit cards opened in the names of others. Oleksiy Sharapka, 34, of Kiev, Ukraine, allegedly directed the conspiracy with the help of Leonid Yanovitsky, 39, also of Kiev. Pidtergerya managed a cash-out crew in New York for Sharapka and Yanovitsky, and defendant Dubuc controlled a cash-out crew in Massachusetts for the organization.

Conspiring hackers first gained unauthorized access to the bank accounts of customers of more than a dozen global financial institutions and businesses, including: Aon Hewitt; Automatic Data Processing Inc.; Citibank N.A.; E-Trade; Electronic Payments Inc.; Fundtech Holdings LLC, iPayment Inc.; JP Morgan Chase Bank N.A.; Nordstrom Bank; PayPal; TD Ameritrade; U.S. Department of Defense, Defense Finance and Accounting Service; TIAA-CREF; USAA; and Veracity Payment Solutions Inc.

After obtaining unauthorized access to the bank accounts, Sharapka and Yanovitsky diverted money to other bank accounts and pre-paid debit cards they controlled. They then implemented a sophisticated “cash-out” operation, employing crews of individuals known as “cashers” to withdraw the stolen funds from the fraudulent accounts, among other ways, by making ATM withdrawals and fraudulent purchases in New York, Massachusetts, Illinois, Georgia and elsewhere. Both Sharapka and Yanovitsky are under indictment in the United States and remain at large.

During their guilty plea proceedings, Pidtergerya and Dubuc admitted they were aware fraudulent accounts and cards were created without the consent of the individuals in whose names they were opened. Both men admitted coordinating ATM and bank withdrawals of the stolen funds. In addition they admitted to sending proceeds of the fraud to Sharapka and Yanovitsky in Ukraine.

The government’s ongoing investigation into the organization has so far identified attempts to defraud the victim companies and their customers of more than $15 million.

In addition to the prison term, Judge Sheridan sentenced Dubuc to serve three years of supervised release and pay restitution in the amount of $338,685.  Sentencing for Pidtergerya is scheduled for Dec. 22, 2014.

SOURCE: U.S. Attorney’s Office, District of New Jersey

Oct 252014

Rodney Fleurimond, 24, of Miami, was sentenced this week before U.S. District Judge Federico A. Moreno to twenty-four months and one day in prison, to be followed by three years of supervised release. Fleurimond was furthered ordered to pay $60,405 in restitution.

Fleurimond previously entered a plea of guilty to one count of fraudulently using unauthorized access devices to obtain anything of value aggregative over $1,000, in violation of Title 18, United States Code, Section 1029(a)(2), and one count of aggravated identity theft, in violation of Title 18, United States Code, Section 1028A(a)(1).

According to court records, from October 20, 2013 through June 26, 2014, the State of Florida unemployment insurance claims of at least 188 victims were accessed online from Fleurimond’s residences using the victims’ personally identifying information, including their names and social security numbers. A total of $60,405 in fraudulent unemployment insurance benefits was paid into bank accounts controlled or used by Fleurimond. Specifically, the fraudulent unemployment insurance claims of eleven victims were deposited into Fleurimond’s personal checking account; twelve additional fraudulent claims were deposited into other accounts associated with Fleurimond. Bank photographs reflect Fleurimond withdrew fraudulent funds from each of these accounts. The amount of loss resulting from Fleurimond’s offense was $142,905.

SOURCE: U.S. Attorney’s Office, Southern District of Florida

Okay, so how did Fleurimond obtain the victims’ identifying information to use in this scheme?  I wish they’d tell us these things.

Oct 252014

Lindsey Rogers reports:

A Tallassee business is now front and center in an investigation into hundreds of stolen identities. The hack affected up to 700 people in and around the small town.

Victims continue to deal with the fallout from the massive credit card hack.

Anne Christian and Elizabeth Britt are Tallassee residents who had their credit card information stolen. Counterfeit cards were made and used to buy things in different parts of the country.

“My card was being used mainly up east. There was a $659 charge to a place in Washington, D. C. There was another charge for $250 in Arlington, Virginia. Then there were some fast food places,” Britt said. “It’s been a terrible violation of privacy. It’s been like someone breaking into your home and having a tremendous theft problem in your own home.”

Over the past week, the investigation ballooned from 175 victims to 700. Victims had varying amounts stolen from them- anywhere from $2 to several hundred dollars.

And once again, law enforcement declines to identify the breached business.

Read more on WSFA.

Oct 242014

A Dothan, Alabama, woman was sentenced to serve 34 months in prison in connection with her role in committing stolen identity tax refund fraud.

On July 16, a jury found Nina Macena, 32, guilty of conspiring to defraud the government through the filing of false tax returns, three counts of wire fraud and three counts of aggravated identity theft. U.S. District Court Judge Thompson also ordered Macena to pay restitution in the amount of $109,480.

According to court documents and evidence from the trial, Macena provided stolen identities to Ivory Bolen, also of Dothan, who used the identities to file false tax returns that fraudulently requested refunds from the Internal Revenue Service (IRS).  Bolen would attempt to have the refunds deposited onto prepaid debit cards, which would be mailed to addresses controlled by Bolen and Macena.  Macena obtained the identities from Roderick Neal, a former bail bondsman in Dothan, who had access to the personal information of individuals who had been detained at the Dothan City Jail.  Both Bolen and Neal previously pleaded guilty to their involvement in the scheme.   Altogether, Bolen filed tax returns claiming more than $300,000 in refunds using the stolen identities that Macena provided, but the IRS successfully stopped a number of the fraudulent returns.  Macena was ultimately convicted by the jury on all counts in the indictment.

Macena testified in her own defense at trial and admitted that she had obtained information from Neal for Bolen, but claimed that she was unaware of the nature of the information.  She also testified that she stored items for Bolen in her storage unit but that she was unaware of what she was storing.  At sentencing, the judge found that her testimony was not credible and consequently increased her prison time.

SOURCE: Department of Justice