Get the latest updates as we post them — right on your browser

. Last Updated: 07/27/2016

Thieves Steal 30,000 Identities by Computer

NEW YORK -- An identity-theft ring that relied on a low-level employee of a Long Island software company stole the credit histories of more than 30,000 people and used them to empty bank accounts, take out false loans and run up charges on credit cards, among other crimes, U.S. federal authorities in Manhattan said Monday.

This is believed to be the largest-ever identity-theft case in the United States, federal officials said, in terms of the number of victims, the type of detailed personal information about them that was stolen and the losses -- at least $2.7 million and likely to climb much higher. The authorities were still trying to determine how many of the 30,000 victims suffered financial losses.

The ring sold the credit histories for up to $60 each to a group of conspirators in the Bronx and Brooklyn who had already stolen or obtained partial information about the victims like names and Social Security numbers, a federal complaint said. So far, three people have been arrested and charged in the scheme, including the man accused of stealing the credit histories, who appeared in court Monday.

The scheme had operated for nearly three years but came to light only in the past year. The federal investigation began eight months ago after the FBI learned from the Ford Motor Credit Co., of Dearborn, Michigan, that someone was using its codes to impersonate the lender to Experian, one of the three major credit-reporting agencies, the FBI said. The impersonator had pulled credit histories nationwide for about 15,000 people, who were reporting a high volume of fraud, officials said.

James Comey, the U.S. attorney in Manhattan, said the fraud was "every American's worst financial nightmare multiplied tens of thousands of times."

A credit history includes personal information about a person's bank and credit card accounts, including the numbers and available credit, and with it someone could assume the identity of the victim and use the accounts or open new ones.

"With a few keystrokes," Comey said, "these men picked the pockets of tens of thousands of Americans and, in the process, took their identity, stole their money and swiped their security."

Comey said that beyond draining victims' bank accounts, the fraud ring had changed the address on bank accounts, ordering new checks, which were then drawn on the account; lines of credit were opened and quickly depleted; and criminals assumed the identity of people to order merchandise that was then shipped to different locations.

"In short, a lot of people were ruined financially, and their credit was ruined financially, by this scheme," he said.

Officials provided little detail about the victims, but in one case a few days ago, Comey said, a woman called up in tears to report that someone had written a $34,000 check on her line of credit.

In some cases, like credit card fraud, there may be limits on the liability of individuals because they were not at fault. But significant financial losses would be shouldered by banks and other institutions, and ultimately the cost would be passed on to consumers.

Quantifying the size of identity-fraud rings is difficult because some victims do not even know they have been victimized until long after the fact, and others may not file a report, as the General Accounting Office noted this year in two reports.

Over the past few years, there have been accounts of cases involving thousands of victims and losses ranging from hundreds of thousands of dollars to as much as $2 million. But law enforcement officials said the new case stands apart because of the large number of complete credit histories that were sold to criminals and the expectation that the numbers of victims and the monetary losses will grow significantly.

"How high it will go, it's going to be some time before we know," Comey said.

Prosecutors say the scheme involved a former help desk worker at a Bay Shore, New York, company that provides software for banks and other companies to obtain credit histories from the nation's three largest credit bureaus. Starting about three years ago, the employee, Philip Cummings, 33, used his computer access at the company, Teledata Communications Inc., to learn the passwords and access codes used by companies to download credit information about individuals, the government said.

Comey said another man, Linus Baptiste, 43, of New Rochelle, New York, obtained from street criminals a "wish list" of names and Social Security numbers that had been stolen. After Cummings obtained the data, Baptiste would sell it to the ring, Comey said.

The ring included at least 20 conspirators, according to a criminal complaint unsealed Monday. Baptiste was arrested Oct. 29 and charged with one count of wire fraud. One of his lawyers, Marshall Mintz, declined to comment. Prosecutors said a third defendant, Hakeem Mohammed, had pleaded guilty to charges of mail fraud and conspiracy.

Teledata said in a brief statement that it had cooperated fully in the investigation. It said that Cummings was an employee from May 1999 until he resigned in March 2000. Even after he left Teledata, he was able to use his laptop to gain access to private data, and the criminal activity continued through last month, the authorities said.

Cummings was released on $500,000 bond by a federal magistrate judge in Manhattan on Monday. He declined to comment as he left the courtroom.

Kevin Donovan, the assistant director in charge of the FBI's New York office, said that after the bureau began investigating the complaint from Ford Credit it found that unauthorized credit reports had been ordered through other corporate subscribers at all three major credit reporting agencies.

"The defendants took advantage of an insider's access to sensitive information in much the same way a gang of thieves might get the combination to the bank vault from an insider," he said. "The potential windfall was probably far greater than the contents of a bank vault, and they didn't even need a getaway car."

Melinda Wilson, a spokeswoman for Ford Credit, said: "We're really pleased that they've made arrests. We've been working with the FBI since we found out about this. No one from Ford Credit was involved. We're doing everything that's humanly possible to make sure that this never happens again."

Comey said there were likely victims in every state and that his office would be mailing letters to the 30,000 victims who have been identified, asking for information and offering help.

He said victims' accounts could be flagged so that merchants and banks would be alerted. He said there were also certain clues people should watch for, like bank or credit card statements no longer arriving in the mail, which might suggest that an identity thief has changed the mailing address. Experts also suggest that people regularly request their credit reports from the credit agencies.

Comey said the investigation was aided by a person involved in the conspiracy who is now cooperating with the government. "The cooperation of one of the key players was very, very important," he said.

The complaint says the person first approached Cummings and proposed to buy credit reports from him. It does not identify the informer, who agreed to plead guilty, but says Cummings taught him how to download the credit reports.