Feeds

World's largest ID theft felon faces 14 years' jail

Help desk technician pleads guilty to $50m scam

  • alert
  • submit to reddit

SANS - Survey on application security programs

A former New York computer help desk technician yesterday pleaded guilty to playing a key part in what prosecutors reckon is the largest identity theft case to date.

Philip Cummings, 35, pleaded guilty to conspiracy over his central role in a scam believed to have hit upwards of 30,000 victims and cost millions through fraudulent transactions. At the time of Cummings' November 2002 indictment, investigators had confirmed losses of more than $2.7m in connection racket. Losses from the racket - which ran for approximately three years - are now estimated to exceed $50m.

Cummings worked for Teledata Communications, which supplies software to link the systems of banks and credit reference agencies from mid-1999 until March 2000. He used this role to obtain confidential passwords and codes to download potential victims' credit reports before selling them on to crooks. Cummings was paid $30 for each report. The information he sold enabled criminals to impersonate victims and obtain fraudulent loans, access bank accounts and run up unauthorised credit card bills in their name. More than 15,000 credit reports were stolen from credit reference bureau Experian, using passwords belonging to Ford Motor Credit Corporation. The passwords and subscriber codes of Washington Mutual Bank in Florida and Washington Mutual Finance Company in Crossville, Tennessee were also compromised. Cummings used this information to download reports after he left Teledata and relocated from New York to Georgia.

The information sourced by Cummings fed a network of at least 20 ID fraudsters across the US, according to prosecutors. A number of people have already pleaded guilty to involvement in the scam while other case remain pending.

Reuters reports that Cummings could be jailed for at least 14 years and fined $1m after confessing to conspiracy, wire fraud and fraud offences in connection with his crimes. However he has a heart problem which might cause the authorities to impose a much more lenient sentence, it reports. Sentencing before US District Judge George Daniels has been set for 11 January 2005. ®

related stories

Feds break massive identity fraud
ID theft: a $1bn a year crime
150+ cuffed in US-led cybercrime crackdown
Spammer charged in huge Acxiom personal data theft
ID theft hits 10m Americans a year

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Arts and crafts store Michaels says 3 million credit cards exposed in breach
Meanwhile, Target investigators prepare for long process in nabbing hackers
Canadian taxman says hundreds pierced by Heartbleed SSL skewer
900 social insurance numbers nicked, says revenue watchman
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.