DataBreaches.net

DataBreaches.net

The Office of Inadequate Security

Menu
  • Breach Laws
  • About
  • Donate
  • Contact
  • Privacy
  • Transparency Reports
Menu

GA: Emory University law students and medical students targeted in ID theft scheme

Posted on December 13, 2013 by Dissent

Schools need to remain cognizant that “directory information,” not protected by FERPA, can be used for ID theft.

Maario Coleman and Angela Russell have been arraigned for operating a scheme to obtain thousands of dollars by stealing the identities of Emory University law and medical students and using them to apply for loans.

According to United States Attorney Yates, the charges, and other information presented in court: Coleman obtained lists of students graduating in the class of 2013 by checking university websites and attending graduation ceremonies.  Coleman and Russell used that information to obtain the students’ dates of birth and social security numbers from online databases.  The defendants then used those personal identifiers to apply for post-graduate “bar loans” and “residency loans” at Discover Bank.  “Bar loans” are designed to pay for living expenses and exam preparation while law school graduates studied for the bar exam.  Similarly, “residency loans” assist medical school graduates with the costs of residency, relocation, and board exam review courses.

In many instances, Discover required school transcripts before it would approve and fund the loans.  To satisfy this requirement, Coleman and others used the personal identifiers of the victims to obtain passwords to access Emory’s online portal and order the victims’ transcripts.  The transcripts were mailed to other participants in the scheme, and Coleman then coordinated sending the transcripts to Discover.  He also arranged for the loan proceeds to be deposited into bank accounts fraudulently opened in the victims’ names.  After the loans were funded, other participants in the scheme obtained the funds via ATM withdrawals.

The investigation showed that the scheme began as early as May 2013, and continued until at least November 6, 2013.  On that date, law enforcement officers, including federal agents, interviewed Russell regarding the scheme.  Following the interview, the agents went to a second location, and then returned to Russell’s residence.  When they arrived, agents became alarmed by a large volume of smoke they saw rising from Russell’s apartment.  After entering the apartment, the agents found Coleman and Russell inside, with fire and smoke coming from the fireplace.  The agents put out the fire with an extinguisher and discovered documents and computer equipment, including hard drives and at least one laptop, all either burned in the fire, dismantled or gouged.

To date, investigators have identified over $200,000 in false loan applications.  In addition, over 100 students at Emory and other Georgia universities have had their personal information compromised.  The fraud was discovered when several Emory students contacted the Emory Police Department after realizing that their personal information had been compromised.  The investigation is ongoing.

The indictment charges Coleman, 27, of Decatur, Ga., with one count of conspiracy to commit bank fraud, three counts of aggravated identity theft, one count of computer fraud, and one count of tampering with computers and documents.  Russell, 42, of Dunwoody, Ga., is charged with one count of conspiracy to commit bank fraud, one count of aggravated identity theft, and one count of tampering with computers and documents.  Both appeared before Linda T. Walker, United States Magistrate Judge.

The bank fraud conspiracy and tampering charges each carry a maximum sentence of 20 years in prison.  The computer fraud charge carries a maximum sentence of 5 years in prison.  The aggravated identity theft charges carry at least one mandatory two-year consecutive sentence, in addition to any other sentence imposed.  In addition, the bank fraud count carries a fine of up to $1,000,000, and the computer fraud and tampering counts each carry a fine of up to $250,000.  In determining the actual sentence, the Court will consider the United States Sentencing Guidelines, which are not binding but provide appropriate sentencing ranges for most offenders.

Members of the public are reminded that the indictment only contains charges.  The defendant is presumed innocent of the charges and it will be the government’s burden to prove the defendant’s guilt beyond a reasonable doubt at trial.

This case is being investigated by the Federal Bureau of Investigation and the Emory University Police Department.

Assistant United States Attorney Shanya Dingle is prosecuting the case.

For further information please contact the U.S. Attorney’s Public Affairs Office at [email protected] or (404) 581-6016.  The Internet address for the home page for the U.S. Attorney’s Office for the Northern District of Georgia Atlanta Division ishttp://www.justice.gov/usao/gan/ .

SOURCE: U.S. Attorney’s Office, Northern District of Georgia

Related Posts:

  • GA: Identity Thieves Sentenced To Federal Prison
  • Oh, those hidden fields in Excel spreadsheets:…
  • MO: Former police officer, wife plead guilty to ID…
  • Honors mailing list hacked, offensive memes in email…
  • Handshake security breach affects thousands of…

Post navigation

← EZ Yield notifying customers of hack involving online hotel reservation system
VA: Hacker Sentenced For Breaking Into Medical School Application Computers →

Sponsored or Paid Posts

This site doesn’t accept sponsored posts and doesn’t respond to requests about them.

Have a News Tip?

Email:

Breaches[at]Protonmail.ch
Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Telegram: @DissentDoe

Browse by News Section

Latest Posts

  • Proliance Surgeons notifying 437,392 patients after ransomware attack earlier this year
  • After $50 Million Breach, KyberSwap Faces Hacker’s Shocking Demands
  • Hendersonville city employees target of cybersecurity breach
  • Ukrainian gets 8-year sentence for running marketplace for Americans’ data
  • Some city data was stolen during cyber breach; full scope remains unknown, Long Beach says
  • More than 1 million Michiganders affected by Welltok cyberattack
  • Line operator says 440,000 personal records leaked in data breach
  • Ransomware group ‘Black Basta’ has raked in more than $100 million -researchers

Please Donate

If you can, please donate XMR to our Monero wallet because the entities whose breaches we expose are definitely not supporting our work and are generally trying to chill our speech!

Donate- Scan QR Code   Donate!

Social Media

Find me on Infosec.Exchange.

I am also on Telegram @DissentDoe.

RSS

Grab the RSS Feed

Copyright

© 2009 – 2023, DataBreaches.net and DataBreaches LLC. All rights reserved.

HIGH PRAISE, INDEED!

“You translate “Nerd” into understandable “English” — Victor Gevers of GDI Foundation, talking about DataBreaches.net

©2023 DataBreaches.net