Skip Navigation

Insider Threat Incident Postings As Of February 28, 2021

Hackers Breach Water Treatment Plant SCADA System And Increase Filtering Chemicals To Toxic Level Because Of Lax Security By Employees – February 10, 2021
The Florida water treatment facility in Oldsmar, Florida, experienced a potentially hazardous computer breach because of an unsupported version of Windows with no firewall, and because employees shared the same TeamViewer Remote Access password, government officials have reported.

The computer intrusion happened February 5, 2021. After gaining remote access to a Windows 7 computer that controlled equipment inside the water treatment plant, the unknown intruder increased the amount of sodium hydroxide (Lye), from about 100 parts per million (ppm) to 11,100ppm.

Lye is used in small amounts to adjust drinking water alkalinity and remove metals and other contaminants. In larger doses, the chemical is a health hazard. The tampering could have caused severe sickness or death had it not been for safeguards the city has in place.

https://arstechnica-com.cdn.ampproject.org/c/s/arstechnica.com/information-technology/2021/02/breached-water-plant-employees-used-the-same-teamviewer-password-and-no-firewall

 

Former U.S. Postal Service Employees Among Eleven Individuals Charged In Conspiracy To Steal Credit Cards From the Mail – February 26, 2021
Law enforcement uncovered the 18-month conspiracy through a federal investigation dubbed Operation Cash on Delivery.

The former USPS employees, who at the time worked as mail carriers in the Chicago area, stole credit cards and other financial instruments from the mail and provided them to others in exchange for cash or other items. Two of the defendants unlawfully obtained USPS customers’ personal identifying information, including dates of birth and Social Security numbers, which was then used to fraudulently activate the stolen cards and make purchases at various retailers, including Best Buy, Fry’s Electronics, Walmart, and Meijer, the charges allege.

https://www.justice.gov/usao-ndil/pr/former-postal-service-employees-among-eleven-individuals-charged-conspiracy-steal

 

Former GE Engineer And Co-Conspirator Charged With Conspiring To Steal Trade Secrets Worth Millions – February 26, 2021
Winsman Ng is a Chinese businessman residing in Hong Kong. He has been charged with conspiring to steal General Electric’s (GE) trade secrets involving the company’s silicon carbide MOSFET technology worth millions of dollars.

Ng conspired with at least one other person, a GE engineer of more than seven years, to steal MOSFET trade secrets and other proprietary information from GE. Ng and the co-conspirator allegedly used those trade secrets to create a business plan and develop PowerPoint presentations which they gave to prospective investors. Ng and the co-conspirator told potential investors that their business could be profitable within 3 years and that their start-up business possessed assets, that were tangible and intangible, and were estimated to be worth $100 million. As part of the scheme, they sought approximately $30 million in funding in exchange for an ownership stake in their start-up company. In August 2017, Ng and the co-conspirator allegedly met in China and gave presentations to a Chinese investment company that was considering providing funding to Ng’s start-up company.

https://www.justice.gov/opa/pr/chinese-businessman-charged-conspiring-steal-trade-secrets

 

Former Employee Of Food Distributor Being Sued For Misappropriating Confidential Information / Company Lost Profits Of $749,000 – February 25, 2021
Food supplier Angliss Singapore is suing a former senior employee who allegedly misappropriated confidential information when he left the company for a competitor, resulting in the loss of a distributorship it had held for over 40 years.

Angliss alleges that Roger Yee Heng Khay, its former business development manager, took over 100 files containing confidential information when he was about to join competitor firm Indoguna, which allowed Indoguna to solicit Angliss’ key dairy product supplier Arla, or allowed Mr Yee to persuade Arla to switch distributors.

The company lost profits of $749,000 as a result of losing the distributorship, according to Angliss’ expert witness for assessing damages.

https://www.straitstimes.com/business/companies-markets/angliss-singapore-sues-ex-staff-for-misappropriating-confidential

 

Former Bookkeeper Sentenced To Prison For $1.3 Million+ Of Embezzlement From 2 Previous Employers – February 25, 2021
Jessica Greenan acknowledged embezzling company funds from a Hyannis company for which she handled bookkeeping and payroll services. From October 2014 until she was terminated in March 2018, Greenan embezzled $1,135,460, including 536 occasions when she wired funds from the store’s operating bank account to pay her credit card bills. Greenan doctored the company bank statements and internal records to make the payments to her credit cards appear to be legitimate expenses, and also failed to report any of her illegal income to the IRS over the five year duration of the embezzlement scheme, thereby evading more than $325,000 in federal taxes.

After Greenan was fired by the first employer, she obtained employment as the bookkeeper for a Cape Cod construction company in August 2018 and immediately began stealing company funds. Until her new scheme was discovered, Greenan embezzled more than $287,000 by wiring payments from a company bank account to pay her credit cards, made more than $5,300 in unauthorized charges to a company credit card, and converted more than $11,000 of company funds to pay auto loans. Greenan forged the company owner’s signature to transfer company funds, and then fraudulently obtained more than $6,300 in unauthorized payroll after her employment had been terminated.

https://www.justice.gov/usao-ma/pr/former-cape-cod-bookkeeper-sentenced-embezzlement-charges-two-criminal-cases

 

Former Air Force Contractor Pleads Guilty To Illegally Taking 2,500 Pages Of Classified Information – February 25, 2021
According to court documents, Izaak Kemp was employed as a contractor at the Air Force Research Laboratory (AFRL) from July 2016 to May 2019, and later as a contractor at the U.S. Air Force National Air and Space Intelligence Center (NASIC). While working at AFRL and NASIC – both located on Wright-Patterson Air Force Base in Fairborn – Kemp had Top Secret security clearance.

Despite having training on various occasions on how to safeguard classified material, Kemp took 112 classified documents and retained them at his home.

Law enforcement discovered the more than 100 documents, which contained approximately 2,500 pages of material classified at the SECRET level, while executing a search warrant at Kemp’s home on May 25, 2019.

https://www.justice.gov/usao-sdoh/pr/former-air-force-contractor-pleads-guilty-illegally-taking-2500-pages-classified

 

Bank President’s Arson and Fraud Scheme Goes Up In Smoke Costing Bank $11 Million – February 22, 2021
According to information presented in court, on May 11, 2019, while Anita Moody was President of Enloe State Bank in Cooper, Texas, the bank suffered a fire that investigators later determined to be arson. The fire was contained to the bank’s boardroom however the entire bank suffered smoke damage.

Investigation revealed that several files had been purposefully stacked on the boardroom table, all of which were burned in the fire. Notably, the bank was scheduled for a review by the Texas Department of Banking the very next day. Further investigation revealed Moody had created false nominee loans in the names of several people, including actual bank customers. Moody eventually admitted to setting the fire in the boardroom to conceal her criminal activity concerning the false loans.

She also admitted to using the fraudulently obtained money to fund her boyfriend’s business, other businesses of friends, and her own lifestyle. The fraudulent activity, which began in 2012, resulted in a loss to the bank of approximately 11 million dollars.

https://www.justice.gov/usao-edtx/pr/bank-president-s-arson-and-fraud-scheme-goes-smoke

 

Former Community College Comptroller Sentenced To Prison For Stealing $286,000+ From College / 10 Other Individuals Involved – February 22, 2021
Carol Bates pleaded guilty on July 20, 2020, and at the hearing admitted that from 2013 to 2016, she used her position as the comptroller of Bossier Parish Community College (BPCC),
to access an internal BPCC computer database and make entries falsely showing individuals were due refunds by the school. These individuals were not qualified to receive the funds, and, in most cases, they were not even attending BPCC during the semesters they received the money.

As a part of the scheme, Bates and her sister, Audrey Williams, recruited Faith Alexander and Marquise Perry, along with seven other individuals to receive fraudulent refunds from BPCC. Once the individual received the funds, they were instructed to deliver between one-half and two-thirds of the money to Carol Bates or her sister, Audrey Williams.

In total, Bates caused 45 fraudulent refunds totaling $286,987.08 to be issued to nine individuals. Alexander received eight refunds totaling $45,482.65 from 2014 through 2016. Perry received seven refunds totaling $49,524.65 from 2015 through 2016. The remaining 30 refunds were issued to seven other individuals who, after receiving the money, transferred two-thirds or half of it to Bates.

https://www.justice.gov/usao-wdla/pr/former-bossier-parish-community-college-comptroller-sentenced-stealing-more-280000

 

Police Officer Fired For Sharing Other Officers’ Information With BLM Organizer – February 21, 2021
A police officer in Kentucky was fired Friday over allegations that he gave a Black Lives Matter organizer information about other officers working protests that could be used to “insult, intimidate and harass,” according to reports.

Officer Jervis Middleton of the Lexington Police Department was relieved of his duties following a unanimous vote by the Lexington-Fayette Urban County Council after a 9 hour hearing and two hours of closed deliberations.

The fired officer initially denied sharing information with BLM leader Sarah Williams, a friend, but admitted it when he was shown text messages obtained through a search warrant, city lawyer said.

The officer had been demoted recently for a separate complaint related to accusations he used department resources to look up information about a woman he had once been dating, according to the news organization.

https://www.lawofficer.com/kentucky-cop-fired-for-sharing-officers-information-with-blm-organizer/

 

Former Employee Of E-Mail Service Provider Sells Access To Users’ E-Mail Accounts – February 15, 2021
Russian internet giant Yandex has revealed that thousands of its customers had their accounts accessed due to a malicious Insider working at the firm.

The company stated that an employee had been selling access to users’ email accounts for personal gain. The employee was one of 3 system administrators with the necessary access rights to provide technical support for the service. As a result of his actions, 4887 mailboxes were compromised.

https://www.infosecurity-magazine.com/news/yandex-insider-breach-hits-nearly/

 

Former Employee Arrested For Hacking Into Former Employer And Causing Ransomware Attack – February 15, 2021
Yigitali Ercan was arrested on a warrant for allegedly hacking into a former Fairfield County employer’s computer system, causing the business to become the victim of a ransomware attack.
The incident took place in September 2020.

The company told police that the former employee hacked into their computer and made some modifications to their website. The next day, the company became the victim of ransomware attack and was unable to access their work files without paying the ransom.

https://dailyvoice.com/connecticut/darien/police-fire/former-employee-arrested-for-ransomware-scheme-at-fairfield-county-business-police-say/803309/

 

Former Apartment Manager Pleads Guilty To $285,000+ Fraud Scheme Against Employer – February 10, 2021
From October 2017 through December 2018, Lachann Green was the General Manager of Rhode Island Row, an apartment complex in Washington, D.C. that was managed by her employer. Green was the senior employee of the business and was responsible for all expenses and staffing needs for the apartment complex.

In October 2017, Green registered a fraudulent shell business, Executive Property Staffing (EPS), with the Maryland State Department of Assessments and Taxation (SDAT). Green admitted that she created dozens of fraudulent EPS invoices for staffing, cleaning, and maintenance work at Rhode Island Row that had not been done by EPS. Green personally approved and submitted the fraudulent invoices to her employer. The invoices were paid to a bank account opened in EPS’s name but which was controlled by Green. Over the course of the scheme, Green submitted and paid $231,802 in fraudulent EPS invoices.

Green used the money she fraudulently obtained from her employer to support a luxurious lifestyle, including to help purchase an Audi, to buy season tickets to the Washington Wizards professional basketball team, and to finance a luxury vacation to Cancun with individual.

Green also used 3 other fraud schemes against her employer, resulting in $285,000+ of unauthorized payments to Green.

https://www.justice.gov/usao-md/pr/former-dc-apartment-manager-pleads-guilty-defrauding-her-employer-causing-loss-company

 

Federal Contractor Agrees To Pay $6 Million+ To U.S. Government For Overbilling Department of Homeland Security – February 19, 2021
This incident outlines an often overlooked problem that can happen when a company acquires another company. The company making the acquisition needs to dig deeper and look at more
than the financial statements of the company they are acquiring, and look closer at its employees. Could your company be acquiring Insider Threat problems?

Triple-I has agreed to pay the United States $6.05 Million to resolve allegations that a predecessor company, Creative Computing Solutions Inc. (CCSi), violated the False Claims Act by knowingly overbilling the Department of Homeland Security (DHS) for work performed.

Triple-I, which provides IT services and solutions to federal agencies, acquired Maryland-based CCSi in 2015. The settlement resolves allegations that, from October 2007 to April 2014, CCSi knowingly submitted claims for payment to DHS for work performed by CCSi employees who lacked required job qualifications. CCSi allegedly violated the terms of the EAGLE Contract by using under-qualified personnel who were billed to DHS at higher rates reserved for more qualified employees.

https://www.justice.gov/opa/pr/federal-contractor-agrees-pay-more-6-million-settle-overbilling-allegations

 

Former Township Clerk Charged With $650,000+ Wire Fraud Scheme Over 8 Years – February 19, 2021
From December 2012 through October 2020, Maryann Stoffel used her position as the Clerk of the Township of Vermillion, an elected position, to misappropriate more than $650,000 of Township funds.

As the clerk, Stoffel had signature authority over the Township’s bank account. Township checks required at least two signatures. As part of the fraud scheme, Stoffel at times, forged the signatures of the Township’s Treasurer and the Chairman of the Township Board on Township checks. At other times, Stoffel solicited signatures from the Township’s Treasurer and the Chairman of the Township Board on blank Township checks by falsely representing that she would use the checks to pay the Township’s bills.

Instead of using the funds to pay the Township’s bills, Stoffel transferred the funds to her personal bank account for her own use and benefit. Stoffel concealed her fraud from the Township and from the State of Minnesota by excluding the unauthorized payments to herself on the Township’s annual report.

https://www.justice.gov/usao-mn/pr/former-vermillion-township-clerk-charged-650000-wire-fraud-scheme

 

Former Office Manager Sentenced To Prison For Embezzling $199,000+ From Employer – February 18, 2021
Fredrick Strohm was employed as an Office Manager at Cherokee Broadband Enterprises (CBE), an entity of the Eastern Band of Cherokee Indians. In that capacity, Strohm had access to CBE’s bank accounts and bank cards, which he was authorized to use to pay for business related expenses.

Beginning in August 2014, and continuing through February of 2018, Strohm used his access to CBE’s bank accounts and bank cards to pay for personal expenses and to make large cash withdrawals. For example, Strohm unlawfully used CBE funds to pay for numerous personal purchases on Amazon, and to pay approximately $52,040.55 in personal credit card debt. During the relevant time period, Strohm also used CBE funds to make approximately $45,855.01 in PayPal payments, some covering personal purchases and some consisting of cash payments to himself. In total, during the relevant time period, Strohm embezzled approximately $199,077.06 of CBE funds.

Court records also show that, throughout the years in which he was engaged in the wrongdoing, Strohm attempted to conceal his embezzlement from the authorities within the Eastern Band of Cherokee Indians. To do so, Strohm altered bank statements for the CBE bank account he submitted to Tribal Finance, and further attempted to conceal evidence by deleting QuickBooks files from the CBE computer located in his office. According to court records, the authorities within the Eastern Band of Cherokee Indians were able to recover the deleted files and uncover Strohm’s theft.

https://www.justice.gov/usao-wdnc/pr/jackson-county-man-sentenced-18-months-embezzling-funds-indian-tribal-organization

 

Japanese CEO And Employees Charged In Scheme To Defraud U.S. Navy And Dump Wastewater In Ocean – February 17, 2021
Three Japanese nationals, including the president and chief executive officer of Yokohama, Japan-based Kanto Kosan Co. Ltd. (Kanto Kosan) were indicted by a federal grand jury Tuesday in connection with an alleged long-running scheme to defraud the U.S. Navy and pollute Japanese waters by dumping contaminated water removed from U.S. Navy ships into the ocean.

https://www.dodig.mil/Criminal-Investigations/Article/2506816/japanese-ceo-and-employees-charged-in-scheme-to-defraud-us-navy-and-dump-wastew/

 

Former Employee Pleads Guilty To Computer Hack That Shut Down Opening Day Concession Sales At Stadium / Damages $268,000+ – February 17, 2021
Salvatore La Rosa admitted in his guilty plea to intentionally accessing Spectra Food Services and Hospitality’s (Spectra) on-line concessions management account for the Earthquakes Stadium without permission on February 29, 2020.

The Earthquakes Stadium is home to the San Jose Earthquakes, a Major League Soccer team, and their first home game of the 2020 season was February 29, 2020. Spectra, headquartered in Philadelphia, Pennsylvania, was the concessions contractor for the stadium, and employees used Spectra’s mobile tablets as their Point-of-Sale terminals to sell food and other concession items. The tablets displayed menus and payment selections from an online-based application developed for sports stadiums.

La Rosa admitted in his plea agreement that he was a former employee of Spectra and worked at the stadium from February 14, 2015, until his termination on January 6, 2020. He admitted that he thereafter logged into the administrative port for the Earthquakes Stadium from his residence and used a password, without authority, to access Spectra’s concession menu and payment selections.

During his unauthorized access, he intentionally deleted Spectra’s concession menu and payment selections. This act caused all of the Point-of-Sale tablets used by Spectra’s staff to stop working. Spectra’s ability to accept credit cards was also disabled. During the soccer match on February 29, 2020, Spectra’s staff had to resort to handwriting orders and using calculators to complete cash transactions, with the resulting delay leading to lost sales and verbal abuse from customers. In some instances, Spectra had to provide free food and beverages to club members because of its inability to process credit card transactions.

According to the charging document filed in the case, Spectra suffered a loss of over $268,000 in damages, consisting of lost revenue, concession discounts offered at the March 7 game, employee time to repair the damage to the data, and labor costs.

https://www.justice.gov/usao-ndca/pr/san-jose-man-pleads-guilty-computer-hack-shut-down-opening-day-concession-sales-san

 

Former Corporate Executive Sentenced To Prison For Fraudulent Use Of Company’s Credit Card For Personal Expenses – February 17, 2021
Tara Sabatini was employed as the “Senior Director of Sales” by a that sold wholesale amounts of food to various commercial customers, typically grocery store chains. The company provided Ms. Sabatini with a company-funded corporate credit card and authorized her to use the credit card for official business, including work travel and some client expenses.

During 2017 and 2018, Sabatini used her corporate credit card to fund personal expenses, including but not limited to purchasing luxury ticket packages from a Major League Baseball team located in New York. She frequently engaged in electronic communications with New York employees of the team for ticket purchase and delivery purposes. After receiving these tickets, Sabatini attended some of the baseball games and also gave some of the tickets to her friends and family. Sabatini further sold some of the baseball tickets through an Internet service and spent the proceeds of the ticket sales on her personal expenses.

https://www.justice.gov/usao-edmo/pr/judge-sentences-former-st-charles-corporate-executive-fraudulently-using-company-s

 

Two Former Bureau of Prisons Officials Plead Guilty To Bribery Scheme At Federal Prison – February 16, 2021
According to court documents, Stephen Taylor then a case manager at FCI Petersburg, received over $17,000 in Walmart-2-Walmart transfers from an inmate’s mother from March 2018 to March 2019. In return, Taylor permitted the introduction of contraband items into the prison—namely Suboxone, marijuana, cellular telephones, and tobacco. In addition, Taylor received contraband and sums of cash from the inmate’s girlfriend.

In addition to Taylor, former correctional officer Shanice Bullock, pleaded guilty on February 9 for her role in the same prison bribery scheme. Specifically, Bullock took bribes from the same inmate’s mother to facilitate the introduction of Suboxone, marijuana, heroin, cigarettes, and cellular telephones into FCI Petersburg.

https://www.justice.gov/usao-edva/pr/two-former-bureau-prisons-officials-plead-guilty-bribery-scheme-federal-prison

 

Former Phone Company Employee Charged For Role In Cell Phone Sim Swap Scam That Targeted At Least 19 Customers – February 8, 2021
From August 2017 until November 2018, Stephen Defiore worked as a sales representative for Phone Company A. In that capacity, Defiore had access to the accounts of Phone Company A’s customers, including the ability to switch the subscriber identification module (SIM) card linked to a customer’s phone number to a different phone number.

Between October 20, 2018, and November 9, 2018, Defiore accepted multiple bribes, typically in the amount of approximately $500 per day, to perform SIM swaps of Phone Company A customers identified by a co-conspirator. For each SIM swap, a co-conspirator sent Defiore a customer’s phone number, a four-digit PIN, and a SIM card number to which the phone number was to be swapped. In total, DEFIORE received approximately $2,325 in a series of twelve payments.

https://www.justice.gov/usao-edla/pr/former-phone-company-employee-charged-rolein-sim-swap-scam-targeted-least-19-customers

This entry was posted on Sunday, February 28th, 2021 at 7:10 pm. Both comments and pings are currently closed.

Trademark Notice