Potential victims of fraud and identity theft will be notified, and Defense will provide free credit monitoring services.
The Justice Department unsealed a 14-count indictment Wednesday charging five people with identity theft and fraud that targeted military members and veterans.
U.S. Attorney John Bash charged Robert Wayne Boling Jr., Fredrick Brown, Trorice Crawford, Allan Albert Kerr and Jongmin Seok on multiple counts of wire fraud, conspiracy and identity theft. Allegedly, they worked together to steal personal information from thousands of military members in order to access the Defense and Veterans Affairs benefits sites and steal millions of dollars.
“These defendants are alleged to have illegally defrauded some of America’s most honorable citizens, our elderly and disabled veterans and servicemembers,” said Attorney General William Barr, in a press release. “Through today’s action, the department is honoring our pledge to target elder fraud schemes, especially those committed by foreign actors using sophisticated means, and to protect the veterans of our great country.” Boling (American), Kerr (Australian) and Seok (South Korean) were arrested in the Philippines and U.S. citizens Brown and Crawford were arrested in Las Vegas and San Diego, respectively.
According to Justice, this scheme began in 2014 when Brown was a training instructor in the Information Management Division at the Army’s 65th Medical Brigade in Yongsan, Korea, and stole thousands of servicemembers’s personal identifying information. Brown allegedly gave the information to Boling “who exploited the information in various ways together with his Philippines-based co-defendants Kerr and Seok.”
Boling, Kerr and Seok allegedly used the data to hack into a portal at the Defense Department in which military members access their benefits information. The defendants then allegedly stole or attempted to steal millions of dollars from veterans’s benefit payments and servicemembers’s accounts. Boling and Crawford allegedly recruited people to take the stolen assets into their accounts and then wire the funds back to the defendants and others, according to the indictment.
“VA is working with DoD to identify any instances of compromised VA benefits accounts,” said James Hutton, VA assistant secretary for public and intergovernmental affairs. “Just as importantly, VA has taken steps to protect veterans’ data and [we] are instituting additional protective measures.” The Justice Department said it will also make announcements soon on how military members can better secure their information and benefits.
“The Department of Defense, working with the Departments of Justice and Veterans Affairs, will be notifying an estimated 3,500 people affiliated with the military who may have been affected by a data breach from unauthorized distribution of personal information in electronic health records,” said Heather Babb, Defense Department spokeswoman. “The notifications to service members, their families, veterans, and other DoD personnel will be by mail.” Also, the department will be offering free credit monitoring services to those potentially affected.
The Governmental Accountability Office has reported recently on issues relating to cyber and information security in the federal government. It made six priority recommendations for the Defense Department’s cybersecurity in its Annual Open Priority Recommendations published in March. “Recent breaches of government networks and systems underscore the urgent need for effective implementation of information security controls at federal agencies,” it said.
Then in June GAO reported, “The lack of key cybersecurity management elements at VA is concerning given that agencies’s systems are increasingly susceptible to the multitude of cyber-related threats that exist.”