The Justice Department announced charges in a foreign-based conspiracy Wednesday in what it called the largest-ever identity theft scheme against military members and their families, with the alleged co-conspirators specifically targeting disabled and elderly veterans.
The DOJ said there were at least 3,300 victims of the fraudulent scheme, and that they weren’t done identifying victims in the case. The thefts and attempted thefts of personal information began in 2014 and continued through this summer, totaling in the millions of dollars.
“To our knowledge, this is the largest criminal case ever involving identify theft of military-affiliated personnel,” U.S. Attorney John Bash of Texas said in a press conference yesterday.
The 24-page indictment alleged a conspiracy involving the insider theft of personal identifying information from military members, both active duty and veterans, and their families through a civilian technician who had access to the data. That data was forwarded to the ringleader of the conspiracy, who worked with two foreign nationals to divert bank funds and military benefits, mostly from Veterans Affairs accounts belonging to disabled or elderly veterans, into their own personal accounts overseas using that data. Another member of the conspiracy used “money mules” to launder the money between the VA and the accounts belonging to the thieves.
“Maybe the most egregious aspect of this case is that the victims — the targets — centered on disabled and elderly veterans,” Bash said. “They also targeted very senior military officers, we believe for the same reason, that they believed those officers had the most money available to be stolen.”
Five people are charged with crimes such as conspiracy, wire fraud, money laundering, and identity theft.
Robert Boling, a U.S. citizen raised in South Korea and living in the Philippines, was the orchestrator of the scheme, directing the operation to exploit the stolen information and to wire the funds around the world.
Frederick Brown, a U.S. citizen working as a civilian medical records technician at a U.S. Army base in South Korea from 2010 through 2015, was the primary source of the stolen information, since he had access to the electronic documents. Brown used a camera to take screenshots of personal data, and then sent it to Boling to exploit.
Allan Albert Kerr of Australia and Jongmin Seok of South Korea assisted Boling in the Philippines with exploiting the stolen information to obtain records, such as military personnel files and credit reports, and to use the Department of Defense’s military benefits portal to divert money and benefits away from the military members.
Boling, Kerr, and Seok exploited the single username and password system letting military members access multiple websites with benefit information and documents. The three primarily exploited the VA’s benefits database, stealing information including bank accounts and routing numbers, then diverted the funds away. In some cases they called banks directly disguised as the account owners.
Trorice Crawford, a U.S. citizen living in California, recruited and supervised “money mules,” people who agreed to use their accounts to receive stolen funds. He then helped move the funds from those accounts back to the co-conspirators in the Philippines after taking a cut.
Boling, Kerr, and Seok were arrested in the Philippines, and the DOJ is working to repatriate Boling and to extradite Ker and Seok. Brown was arrested in Las Vegas and Crawford was arrested in San Diego.
Bash noted that his office was working closely with the DOJ’s Consumer Protection Branch to prosecute the co-conspirators. He emphasized that the Defense Department and VA are coordinating with the DOJ to notify and provide resources to the victims.
Attorney General William Barr said that, in breaking up this conspiracy and charging these criminals, the DOJ was “honoring our pledge to target elder fraud schemes, especially those committed by foreign actors using sophisticated means, and to protect the veterans of our great country.”
Defense Department spokeswoman Heather Babb told the Washington Examiner that the Pentagon will look at the systems that were affected to prevent similar breaches.
“It is important to note that this data breach resulted from the alleged actions of an individual who abused access and misused data, not through remote access or hacking,” Babb said.
James Hutton, the VA’s assistant secretary for public and intergovernmental affairs, said the VA “has taken steps to protect veterans’ data and are instituting additional protective measures.”