ITMG Insider Threat Cases – March 15, 2021

Apple sues former MacBook product design employee for allegedly leaking to the press

Apple says the employee, whose resume says he worked at Apple for more than 11 years, leaked information from internal meetings and documents. Apple says a former product design employee stole information about hardware products, unannounced features and future plans and leaked them to a journalist, breaking the company’s nondisclosure policies and trade secrets laws. In the lawsuit, filed Thursday in the US District Court of the Northern District of California, Apple outlined a working relationship between a former employee, Simon Lancaster, and an unnamed journalist. The tech giant alleges Lancaster used his access at the company to download confidential information and attend meetings specifically to forward to this media contact. Apple said he attended one of his last meetings at the company, about “Project X” as it’s called in the filing, after submitting his resignation despite being instructed by others not to attend.

Ex-contractor accessed Vic govt IT system 260 times a year after leaving

An ex-contractor was able to access a key Victorian government IT system 260 times in the year after leaving the service provider for which they worked, exposing failings in employee off-boarding and access management, the state’s information commissioner has found. The Office of the Victorian Information Commissioner’s (OVIC) made the revelation in its investigation [pdf] into a data breach at the former Department of Health and Human Services (DHHS), which took place between September 2017 and October 2018. OVIC was notified of the breach in December 2018 after the former employee of an unnamed contracted service provider (CSP) was identified as having accessed personal information on the client relationship information system for service providers (CRISSP).

Anti-fraud Santander bank worker jailed for customer con

A member of a bank’s anti-fraud team has been jailed for selling customers’ details in a £90,000 scam. Bilal Abbas, who worked for Santander, helped conmen buy luxury goods using stolen account details. The transactions would be flagged as fraudulent and cancelled several days later leaving businesses “out of pocket”, Northumbria Police said. Abbas and two others, all from West Yorkshire, were jailed for at least two years at Newcastle Crown Court. The court heard the bank employee used his position to secure the card details of customers while verifying their accounts. He then sold that information to Umair Memon, 28, who used it to purchase high value goods by telephone under a fake name. Jordan Hamilton-Thomas, 32, would then attend the stores in person, posing as Memon’s son to collect the goods.

Samsung goes to insane lengths to stop China from stealing its secrets

Corporate espionage is a real threat to successful businesses like Samsung. They have to make sure that their trade secrets remain protected from their competitors who would like nothing more than to bring them down. These secrets are what provide these companies with their competitive edge. If they fall into the wrong hands, the company may quickly find itself in a battle for its survival. The larger a company, the more employees it has, and they’re often the weakest link that competitors exploit. Samsung is all too familiar with these challenges which is why it goes to some insane lengths to prevent its trade secrets from leaking. South Korea’s intelligence is also on Samsung’s side. There are widely reported cases in which Samsung employees were arrested on charges of leaking confidential information. A senior Samsung official from its semiconductor division was arrested in 2016 for trying to sell information about Samsung’s 14nm and 10nm fabrication processes to Chinese competitors. A more recent example is that of two senior Samsung Display researchers who were arrested in August 2020 on charges of trying to leak Samsung’s OLED panel production technology to China. OLED displays are a big business for Samsung. It wouldn’t want those trade secrets leaking out, especially to the Chinese, who have been trying to establish themselves in the OLED market.

Nebraska Man Sentenced to 21 Months in Prison for Stealing and Selling Employer’s Confidential Information

NEWARK, N.J. – A Nebraska man was sentenced today to 21 months in prison for engaging in fraudulent activity that exposed his employer’s confidential information, Acting U.S. Attorney Rachael A. Honig announced. Timothy Young, 50, of Moorefield, Nebraska, previously pleaded guilty by videoconference before U.S. District Judge Katharine S. Hayden in Newark federal court to an information charging him with wire fraud. Judge Hayden imposed the sentence by videoconference today. Young was employed at a data analytics and risk assessment firm based in New Jersey. The company serves customers worldwide, including entities providing insurance and financial services as well as government entities. The company maintains a network that houses, among other things, significant amounts of personally identifiable information. Without the firm’s approval, Young obtained confidential, non-public information that belonged to the firm. The information included names, logon names, passwords, email addresses, and telephone numbers for some of the company’s clients. Young then attempted to sell the information.

Former Employee of Veterans Affairs Medical Center Charged with Stealing More Than $8.2 Million Worth of HIV Medication

NEWARK, N.J. – A former pharmacy technician was arrested today for stealing prescription HIV medications from the pharmacy of the Veterans Affairs Medical Center (VAMC) in East Orange, New Jersey, Acting U.S. Attorney Rachael A. Honig announced. Lisa M. Hoffman, 48, of Orange, New Jersey, is charged by complaint with theft of medical products, specifically HIV medication. Hoffman is scheduled to make her initial appearance by videoconference before U.S. Magistrate Judge Mark Falk this afternoon. According to documents filed in this case and statements made in court: Hoffman’s responsibilities at the VAMC included ordering the necessary drugs and supplies for the outpatient pharmacy, including determining when to place orders and for what products, as well as regularly maintaining inventory levels of needed drugs and supplies. From at least August 2017 through November 2019, Hoffman used her position to steal prescription HIV medication from the VAMC. She placed large orders for HIV medication, purportedly on behalf of VAMC, and then stole the medication after it was delivered. VAMC surveillance footage captured Hoffman regularly taking dozens of bottles of HIV medications from the shelves of the outpatient pharmacy, placing them in a white mail bin, and then transferring the medications from the mail bin to her bag and exiting with the stolen medication. Hoffman stole approximately $8.2 million worth of the VAMC’s HIV medication.

Former President of Philadelphia Wholesale Produce Market Charged with Stealing $7.8 Million from His Employer

PHILADELPHIA – Acting United States Attorney Jennifer Arbittier Williams announced that Caesar DiCrecchio, 60, of Voorhees, NJ, was charged by Information with two counts of wire fraud, one count of conspiracy to commit wire fraud, one count of money laundering conspiracy, one count of aggravated identity theft, and four counts of tax evasion, all of which allegedly caused more than $7.8 million in losses to the Philadelphia Wholesale Produce Market in South Philadelphia. The Information alleges that DiCrecchio, the former President and CEO of the Produce Market, exercised control over every aspect of the Market, including expenditure of funds, and was required to report on the Market’s finances to its Board of Directors. The defendant defrauded the Market by using company funds to pay $1.9 million in rent on his Stone Harbor, New Jersey shore house; converting into cash $1.1 million in checks drawn on the Market’s bank account and using the cash for his own benefit; causing $1.7 million in checks to be issued from the Market operating account payable to his friends or relatives; causing the Market to pay for the defendant’s personal credit card expenditures; converting $320,000 in checks that were payable to the Market and cashing them for his own benefit; skimming $2.6 million in cash from the pay gate at the Market’s parking lot, which he used to pay Market employees ‘under the table’ while keeping a substantial portion for his own use; and using Market funds to provide a $180,000 loan to a Market vendor, which the vendor repaid directly to DiCrecchio. The defendant concealed these expenditures in the Market’s books and records by directing that these payments be reflected as legitimate business expenditures, for example: notated as maintenance, snow removal, insurance, legal fees and other false expenditure entries.

Former City of Rochelle Employee Pleads Guilty to Fraudulently Obtaining at Least $150,000 From a Non-Profit Business Association

ROCKFORD — A former employee of the City of Rochelle, Ill., pleaded guilty Tuesday to wire fraud for fraudulently obtaining at least $150,000 from a non-profit business association. SCOTT KOTESKI, 58, of Rochelle, was selected by the city to sit on the board of directors of a non-profit business association that provided broadband internet technology to smaller municipalities in northern Illinois.  According to a plea agreement, Koteski in 2011 began serving as the association’s treasurer, handling the invoicing and billing of member municipalities.  Koteski as of February 2012 had signatory authority on the association’s bank account.  From September 2012 through April 2018, Koteski fraudulently obtained from the association at least $150,000, which he used for his own benefit without the association’s knowledge or consent.  Koteski wrote numerous checks to himself from the association’s bank account, which he deposited into his personal bank account for his personal benefit.  Koteski concealed his acts by writing false information on the memo line to make it appear the checks were for reimbursement of personal monies Koteski spent for the association, when, in fact, Koteski was not entitled to reimbursement.

Two Former SunTrust Bank Employees Sentenced, Ordered to Pay $83,800

WASHINGTON – Rashad Liverpool, 28, and Robert Tillery, 45, were each sentenced on Friday, by the Honorable James A. Crowell IV, Associate Judge of the Superior Court of the District of Columbia, announced Acting U.S. Attorney Channing D. Phillips.  The two former SunTrust Bank employees each pled guilty in February 2020 to financial exploitation of an elderly person, in violation of Title 22, D.C. Code, Section 933.01(a)(3), for defrauding a 72-year-old military widow with diminished capacity of $83,800. According to the government’s evidence, during the summer of 2018, Liverpool and Tillery each frequently visited the victim, a client of SunTrust Bank, after normal business hours and against bank policy.  They identified funds that the widow held at Bank of America and took advantage of her diminished capacity in order to move those funds into accounts that they controlled.  Liverpool moved $51,900 into a joint account that he created in his and the victim’s name at Capital One Bank.  He used all of the funds for his own benefit, including two trips to California and one trip to Miami.  During the trip to Miami, Liverpool used the victim’s funds to stay at a beachfront hotel, rent a red Ford Mustang, and purchase items from a mini bar.  Liverpool also made ATM withdrawals totalling $3,200 from the victim’s account while she was hospitalized.  Meanwhile, Tillery withdrew $3,000 in cash from one of the victim’s accounts and wrote himself a check for $25,700 from another.  He used these funds to make purchases at various outlet stores and finance a move to Chicago.  The scheme ended when the victim was hospitalized and a newly appointed attorney-in-fact discovered that the funds were missing.

Lab analyst sentenced for falsifying test results

A former environmental laboratory analyst was sentenced by U.S. District Court Judge Pamela A. Barker to two years of probation and ordered to pay a $2,500 fine for falsifying laboratory test results. Andrew K. Ecklund, age 58, of Tallmadge, Ohio, pleaded guilty in November of 2020 to nine counts of wire fraud stemming from a scheme to falsify laboratory analysis reports in order to improve work efficiency. According to court documents, Ecklund was previously employed as a laboratory analyst with an environmental testing company operating in Northeast Ohio. The company was paid to analyze environmental samples for organizations and government agencies across the United States and to do so according to U.S. EPA regulations. As a laboratory analyst, Ecklund was responsible for testing samples for the presence and concentration of hazardous substances and unacceptable levels of pollutants using industry standards, methodology and quality control measures. On nine separate occasions between on or about January 3, 2012, and on or about July 25, 2015, Ecklund took steps to make it appear that certain samples had passed quality control testing measures, when in fact, they had failed. In particular, Ecklund failed to properly calibrate and tune the quality control instruments, which was the foundation of the quality control process. This failure resulted in unreliable measurements of pollutants and hazardous substances, and therefore invalidated the testing process.

Former Fortune Bay Casino Supervisor Pleads Guilty To Embezzling More Than $300,000

Acting United States Attorney W. Anders Folk today announced the guilty plea of JENNIFER LYNN BOUTTO, 32, to one count of embezzlement and theft of Tribal funds. BOUTTO, who was charged by felony information on December 14, 2020, pleaded guilty this morning before Judge Eric C. Tostrud in U.S. District Court. A sentencing date will be scheduled at a later time. According to the defendant’s guilty plea and documents filed with the court, in 2008, BOUTTO began working as a reservationist at the Fortune Bay Resort Casino, which is owned and operated by the Bois Forte Band of Chippewa. BOUTTO later received a promotion to Front Desk Supervisor, a position that allowed her to issue cash refunds without direct supervision. Between January 2013 and October 2019, BOUTTO used her position at Fortune Bay to steal money by issuing false cash refunds against the invoices of previous Fortune Bay customers. BOUTTO would then access the Fortune Bay vault and retrieve the falsely refunded amount. In total, BOUTTO executed the scheme 2,994 times and stole $315,739.87.

Former Bookkeeper Admits to Stealing from San Diego Business

SAN DIEGO – Arthur Jason “AJ” Morales of Pahrump, Nevada pleaded guilty in federal court today to a wire fraud charge, admitting that while employed as a bookkeeper for a San Diego lighting company, he abused his access to the company’s checkbook and issued himself 28 unauthorized checks totaling more than $183,000. In a hearing before U.S. Magistrate Judge Mitchell D. Dembin, Morales admitted he issued the checks—sometimes forging the signatures of company management on them—to his personal business, “AJ’s Tax & Bookkeeping Service,” and deposited them into his personal bank account. He then concealed the payments by manipulating the company’s accounting records to make it appear that each check was issued for a legitimate business expense to a third-party vendor.  The company realized Morales’ fraudulent activity in March 2016 when it discovered a check in the amount of $16,274 that Morales had issued to his personal business and cashed.

Discover more from ITMG

Subscribe now to keep reading and get access to the full archive.

Continue reading