Insider Threats Incidents That Have Impacted The To Critical Infrastratucre Border Patrol Agent Charged With Bribery For Running Drugs - December 15, 2016 A U.S. Border Patrol agent in San Diego was charged Thursday with bribery for allegedly accepting $10,000 to deliver backpacks of what he believed to be smuggled methamphetamine and cocaine that were dropped along the border fence with Mexico. The Border Patrol said Lopez has been put on unpaid leave pending the outcome of the case. He is also charged with drug-related crimes. Lopez joined the agency 10 years ago, shortly before a massive hiring spree led to a big spike in the number of agents charged with corruption. According to a probable cause statement, Lopez met the confidential government source in October and described how he could pick up backpacks of smuggled drugs while on patrol. He was assigned to one of the most fortified stretches of border along the U.S. divide with Mexico. Source: http://wtop.com/government/2016/12/border-patrol-agent-charged-with-bribery-for-running-drugs Former U.S. Nuclear Regulatory Commission Employee Pleads Guilty to Attempted Spear-Phishing Cyber-Attack on Department of Energy Computers - February 2, 2016 Ex-DOE Worker Charged With Trying To Steal, Sell Nuclear Data - May 18, 2015 Charles Harvey Eccleston, 62, a former employee of the Nuclear Regulatory Commission (NRC) is facing up to 50 years in prison for allegedly attempting to use a spear-phishing campaign to harvest sensitive nuclear weapons information from government computers. He now faces four felony charges, authorities say, including wire fraud. According to an affidavit, Eccleston came to the attention of law enforcement when he entered a foreign embassy and offered to provide the country with classified U.S. government information for $18,000.00 The FBI responded by launching a sting operation in which Eccleston met with undercover agents posing as officials from the foreign country. He offered to design and send emails that would extract information from government computers, and went on to send them to 80 Department of Energy machines in January 2015, the affidavit said. The FBI ensured that no malicious code was actually sent to government machines. The charges against Eccleston point to an unusual case that combines both an insider cyber threat and the risks associated with targeted malware campaigns against the government. Eccleston was fired from his job at the NRC in 2010, and moved to Davos City in the Philippines the following year. The reasons for his termination are unclear. Source: http://thehill.com/policy/cybersecurity/241484-former-doe-worker-charged-with-attempted-cyberattack http://www.justice.gov/opa/pr/former-us-nuclear-regulatory-commission-employee-pleads-guilty-attempted-spear-phishing-cyber Former Army Pharmacy Specialist Pleads Guilty To Stealing Drugs From Walter Reed Hospital - August 13, 2015 Lamelle Marquez Malone, a former enlisted Army pharmacy specialist, pleaded guilty to conspiring to steal prescription drugs from a military hospital and to interstate transportation of stolen property. Malone conspired with Roger Gurdon and others to steal Somatropin, a human growth hormone, from the pharmacy at the former Walter Reed Medical Center. Malone paid a pharmacy technician at Walter Reed to order the Somatropin and paid the non-commissioned officer in charge of the pharmacy to ignore the fact that Malone was stealing Somatropin. Gurdon previously pleaded guilty to his role in the conspiracy and was sentenced to 78 months in prison and was ordered to pay restitution of $4,467,000. Another conspirator, Issa Wasco Koroma, was sentenced to five years in prison for conspiring to steal prescription drugs. Source: http://www.dodig.mil/IGInformation/IGInformationReleases/MaloneLamellePleaPR_081315.pdf Rome Airport Employees Caught Red-Handed in Art Theft Scheme - December 31, 2015 Airport employees in Rome have been caught red-handed stealing valuable art from travelers passing through the Fiumicino terminal, reports ANSA. The scheme involved several customer service workers who would offer to help passengers deliver their oversize baggage to collection points, instead taking the art works away to be hidden by cleaning and grounds crew and subsequently sold on the black market. "Using the uniforms they normally wore to work in the airport, they easily convinced people that they were providing a genuine service and managed to swindle them," said the state police in a statement, as translated by Reuters. Italian regulations require all oversize items be sent to collection points, so the thieves' victims did not discover the thefts until much later, upon reaching their final destinations.'' Source: https://news.artnet.com/art-world/rome-airport-art-thieves-discovered-400505?google_editors_picks=true Insider Threat A Serious Threat In The Healthcare Sector - March 5, 2018 Two separate reports suggest insiders - of the malicious and careless variety - pose more of a problem in healthcare than any other sector. In an analysis of 1,368 security incidents at healthcare organizations in 27 countries, Verizon found that nearly six out of 10 (58%) security incidents involve insiders. That figure, according to Verizon, makes healthcare the only sector where internal actors pose the biggest threat to an organization's cybersecurity posture than external actors. The primary driver in many cases is financial gain, with insiders often stealing data to commit tax fraud, to open lines of credit, and to commit other fraud. Fun and curiosity are other factors as well: 31% of the security incidents involved insiders looking up personal records of celebrities and family members, Verizon found. In an Accenture report based on a survey of 912 healthcare employees in the US and Canada, some 18% of the respondents — or nearly 1 in 5 — professed their willingness to sell confidential data to unauthorized thirds parties for as little as between $500 and $1,000. Among the malicious activity they were willing to peform: sell login credentials, download data to portable drives, and install tracking software on business systems. Twenty-four percent actually know someone in their organization who had sold their access credentials to an unauthorized third-party. The willingness to sell confidential data was more pronounced among respondents from provider organizations (21%), compared to those in payer organizations (12%), Accenture found. Another reports from Thales, for instance, found that healthcare organizations in the US experience substantially more breaches than organizations in other regions of the world. Thales surveyed 100 senior healthcare IT managers in the US and 135 professionals from nine other countries and found 48% of the US respondents reporting a breach in the last 12 months, compared to an average of 36% elsewhere. More than three-quarters (77%) of US healthcare entities say they have experienced at least one data breach in the past, and nearly six in 10 (56%) confess to feeling either "very vulnerable" or "extremely vulnerable" to potential data security incidents. In comparison, just 34% of the respondents from other countries felt the same way, the Thales study shows. https://www.darkreading.com/vulnerabilities---threats/insider-threat-seriously-undermining-healthcare-cybersecurity/d/d-id/1331191 https://healthitsecurity.com/news/58-of-healthcare-phi-data-breaches-caused-by-insiders Company Seeks $2B After Worker Allegedly Walks Of With Cancer Drug Secrets - October 13, 2017 Delaware pharmaceutical developer Incyte says a scientist who left its ranks spilled company secrets about its most promising cancer-fighting drug to a Silicon Valley startup — intellectual property worth more than $1 billion. Jordan Fridman worked at Incyte's headquarters outside Wilmington for more than a decade, eventually rising through the ranks to become the drugmaker's director of pharmacology. But by early 2013, he was talking to another scientist in California about leaving for another job, court documents show. Months later, Fridman began feeding Incyte's trade secrets to a prospective employer, which used the information to secure a $1.25 billion acquisition by pharma giant Bristol-Myers Squibb in 2015, Incyte lawyers contend. http://www.delawareonline.com/story/money/business/2017/10/13/incyte-cancer-drug-conspiracy-lawsuit/755033001/ Texas Physician Gets 35-Year Sentence in Huge Fraud Scheme - August 11, 2017 A Dallas physician has been sentenced to 35 years in federal prison and ordered to pay more than $268 million in restitution for his role in a Medicare and Medicaid fraud conspiracy involving $357 million in billing for unnecessary home healthcare services. Roy Jacques, M.D., in April 2016 was convicted of one count of conspiracy to commit healthcare fraud, eight counts of healthcare fraud, two counts of making a false statement relating to healthcare matters and one count of obstruction of justice. Roy is the sixth defendant sentenced so far in the healthcare fraud scheme, but he has received by far the stiffest penalty. One defendant awaits sentencing in October, and five others sentenced in the scheme received prison sentences ranging from three to 10 years, and orders to pay restitution ranging from nearly $400,000 to $25 million. The justice department notes that federal prosecutors presented evidence at trial that Roy and three others "engaged in a large-scale, sophisticated healthcare fraud scheme in which they conspired together and with others to defraud Medicare and Medicaid through companies they owned/controlled." Those included Medistat Group Associates, Apple of Your Eye Health Care Services, Ultimate Care Home Health Services and Charry Home Care Services. https://www.govinfosecurity.com/texas-physician-gets-35-year-sentence-in-huge-fraud-scheme-a-10189 Health Care Employee Fired After 547,000 Customers' Data Compromised - July 16, 2017 The Bupa employee responsible for copying and removing data relating to 547,000 customers from the organization’s systems has been fired. Bupa, the international healthcare group with a presence in 190 countries, revealed that it had been stung by a data breach after an employee inappropriately copied and removed information from one of the company’s systems. Databreaches.net was behind a report which claimed that a listing appeared on the now-gone Alpha Bay marketplace by a vendor calling himself or herself ‘MoZeal’. https://www.infosecurity-magazine.com/news/bupa-employee-fired-547000/ SunTrust Bank Says Former Employee Stole Details on 1.5 Million Customers - US-based SunTrust Bank said it is working with law enforcement after it discovered that a former employee had stolen private information belonging to nearly 1.5 million customers. "In conjunction with law enforcement, we discovered that a former employee while employed at SunTrust may have attempted to print information on approximately 1.5 million clients and share this information with a criminal third party," SunTrust CEO William Rogers said in a press conference on Friday. Rogers said the employee is no longer working for the bank. SunTrust believes exposed information includes customer names, addresses, phone numbers, and certain account balances. The Bank said passwords, social security numbers, account numbers, IDs, or driver's license numbers weren't exposed. "We and third parties have done forensic analysis on these accounts and we have not identify significant fraudulent activity regarding the effect of the accounts," Rogers said. https://www.bleepingcomputer.com/news/security/suntrust-bank-says-former-employee-stole-details-on-15-million-customers/ Former Accounts Payable Manager At The Bank of New York Mellon Corporation Charged With Bank Fraud For Embezzling Roughly $7 Million Man Charged In Manhattan Federal Court With Multimillion-Dollar Scheme To Defraud Financial Services Firm - February 15, 2017 Preet Bharara, the United States Attorney for the Southern District of New York, and William F. Sweeney Jr., the Assistant Director-in-Charge of the New York Field Office of the Federal Bureau of Investigation (“FBI”), announced today that CHRISTOPHER CANALE was charged with wire fraud, bank fraud, and aggravated identity theft for allegedly using his position at a global financial services firm (the “Firm”) to defraud the Firm out of at least $7 million over a thirteen-year period. Manhattan U.S. Attorney Preet Bharara said: “As alleged, Christopher Canale took advantage of his position as an accounts payable manager and used his employer’s bank accounts as his own, siphoning off millions to pay for personal expenses, including an outdoor pool, vacations, and luxury cars Canale accomplished this fraud by making unauthorized wire transfers and by cashing checks without authorization. In some instances, Canale effected the fraud by inputting fake invoices and wire transfer instructions into one of the Firm’s software programs. In other instances, Canale made checks out to petty cash, forged the name of his former supervisor on those checks, and kept the cash. Canale used the Firm’s funds to pay for numerous exorbitant personal expenses, including an outdoor pool, an outdoor sound system, landscaping for his home, and at least one luxury car. Canale also paid bills for a credit card account and sent approximately $40,000 in wire transfers to another individual. https://www.justice.gov/usao-sdny/pr/man-charged-manhattan-federal-court-multimillion-dollar-scheme-defraud-financial Insider At India's Punjab National Bank Paved The Way For $1.8 Billion In Fraudulent Transactions- February 21, 2018 Now that it's been confirmed that an insider at India's Punjab National Bank paved the way for $1.8 billion in fraudulent transactions, the Reserve Bank of India, the nation's central bank, is reiterating the need to strengthen security measures tied to SWIFT interbank transactions, and security experts are weighing in with risk mitigation advice. A deputy manager at PNB, Gokulnath Shetty, has been arrested and has confessed that he had unauthorized access to a Level-5 password to the SWIFT system to authorize issuance of money through Letters of Undertaking (LoUs) and Foreign Letters of Credit (FLCs), according to the Central Bureau of Investigation. A LoU is a widely accepted provision of bank guarantees under which a bank can allow a customer to raise money from another Indian bank's foreign branch. An FLC is a guarantee to a third party or vendor that money for the goods supplied would be paid. The Level-5 password, which is supposed to be accessible only to higher authorities, enabled Shetty to reach out to several banks to release money to Modi through the SWIFT system, the CBI said. Shetty also informed the investigators that he shared the password with other individuals, as well as directors of Modi's company, CBI reports. https://www.bankinfosecurity.com/mitigating-insider-threat-lessons-from-indian-fraud-case-a-10674 779 Cases Of Data Misuse Across 34 British Police Forces - July 26, 2017 A recent probe found 779 instances of data misuse across 34 different British police forces from January 2016 to April 2017. Staff have been caught accessing and using data in ways that are inappropriate and, in many instances, illegal. The study looked at how police were accessing data and under what circumstances, and found that more than a third of police departments need to improve their policies and/or tighten the reins on their employees. While many of them have put IT systems in place that monitor for data misuse, it is still a rampant problem and will take time to stem. The misuse of data by police forces undermines public faith in the institutions that are meant to protect citizens. https://www.theregister.co.uk/2017/07/26/uk_police_data_handling_foi/ FDIC Faces A Series Of Data Breaches Due To Employee Mistakes - 2016 In February 2016, an employee at the U.S. Federal Deposit Insurance Corporation (FDIC) was leaving her job. On her last day at work, she downloaded her personal files from her work computer to a USB drive and took it home. Three day later, the FDIC’s data protection software detected that 44,000 customer records, including PII, had been accidentally taken along with her personal data. The FDIC promptly contacted the ex-employee and asked her to return the device and sign an affidavit stating she did not use or share the information. This case wouldn’t be so worrisome if the FDIC hadn’t already experienced at least five similar security incidents, with departing employees accidentally transferring company data to personal storage devices — including highly sensitive data like loan and banking information. Unlike the February 2016 incident, not all the earlier breaches were immediately handled and reported by FDIC, which led to a series of hearings and fines from regulatory bodies. https://www.washingtonpost.com/news/powerpost/wp/2016/05/09/fdic-reports-five-major-incidents-of-cybersecurity-breaches-since-fall/ Wells Fargo Finds 1.4 Million Additional Fake Accounts Created - September 01, 2017 Wells Fargo admitted today that an additional 1.4 million fraudulent accounts may have been created by its employees over an eight year span, in addition to the 2.1 million such accounts that were revealed last year. The new figure is the result of a second company investigation that delved into 165 million retail banking accounts that were opened between January 2009 and September 2016, the company said in a statement. The original 2.1 million fake accounts were found during a separate study of 93 million accounts that were created between May 2011 and 2015. In order to make the false accounts appear legitimate the workers accessed their customer's personal records and created fake email addresses and enrolled the accounts in various online banking programs using the names and personal information of actual Wells Fargo customers. Debit cards and PINs were also issued in the customer's name. The scheme resulted in about 130,000 customers being charged fines for having insufficient funds and overdraft fees on the fake accounts that they did not know existed in their names. Customers were also charged finance and interest charges on the unauthorized cards created in their name. The new study found additional 60,000 people had been similarly charged. Wells Fargo said in a statement these victims will be reimbursed. The scandal that also saw 5,300 Wells Fargo employees fired. In addition, the Consumer Financial Protection Bureau fined the company $185 million. The Bureaus report found that employees created the false accounts in order to meet sales goals. https://www.scmagazine.com/wells-fargo-finds-14-million-additional-fake-accounts-created/article/685738/ Wells Fargo Employee Arrested On Charges Of Fraud, Identity Theft http://philadelphia.cbslocal.com/2017/06/08/wells-fargo-employee-fraud-identity-theft/ JPMorgan Chase & Co. Looses $6.2 Billion From Employees Actions / Fined $1 Million - 2012 The trader known as the London Whale lost at least $6.2 billion for JPMorgan Chase & Co. in 2012. That’s a lot of money until you remember that it didn’t stop the bank from earning a record profit of $21.3 billion the same year. The pain came elsewhere: Two former traders face criminal charges, the bank admitted violating securities laws and agreed to pay fines of more than $1 billion, a U.S. Senate subcommittee wrote a scathing report and the bank’s chief executive, Jamie Dimon, took a pay cut. https://www.bloomberg.com/quicktake/the-london-whale Banker Admits To Money Laundering In FIFA Case Jorge Luis Arzuaga, a former managing director at the Swiss bank Julius Baer, pleaded guilty to money laundering conspiracy in Brooklyn federal court on Thursday, revealing his role in the United States’ sweeping criminal case focused on FIFA, the governing body of international soccer. Mr. Arzuaga, who admitted to arranging the financial transfers of more than $25 million in bribes and kickbacks from 2010 to 2015, became the first banker publicly convicted in a case that has felled dozens of soccer officials and marketing and media executives since it was announced two years ago. His conviction suggests a new phase for the case, shifting its focus to the financial institutions through which bribe money traveled. https://www.nytimes.com/2017/06/15/sports/soccer/fifa-jorge-luis-arzuaga-pleads-guilty.html?mkt_tok=eyJpIjoiTVdJeE5tVmhZalZrWkdJMCIsInQiOiJrcnVMQXJDSGNUcmJUOXZjUk1WdHpscDI2Mk50Rkt4Z001alo4Y1ZQMjVlems3SGNOODlNWVZCRGZnaDdqVklhR1hLTmFXWUNHYUwrM0R5V1FuQ3RhZUFJUXNLSFlmUmR0SVF0cmJPd1dHQ0d1aXVoUW0yMU0xMDI0TmhWMmhtYyJ9 Bank of America Executive, Husband & 3rd Person Embezzled $2.7M To Spend On Motorcycle - May 15, 2017 A former Bank of America (BOA) executive, her husband and a third person were arrested and charged Monday in Boston for their roles in an alleged $2.7 million embezzlement scheme that relied on fraudulent donations on behalf of the bank to nonprofit groups. From 2010 to 2015, Pam Ace took money from BOA’s marketing budget to make dozens of supposed donations to nonprofits in Boston and Atlanta, each of them for under $50,000, according to prosecutors. The Aces and Forde allegedly would then tell the nonprofits that they needed to give back some of the money if they wanted to continue receiving donations from BOA. The nonprofits would either write checks to Jonathan Ace or Forde or return the funds through a BOA account that the trio could access, prosecutors said. In some cases, Jonathan Ace allegedly threatened to publicly humiliate the recipients of the funds or otherwise intimidate them in order to get them to return more money. The Aces would spend the money they embezzled on themselves, throwing expensive birthday parties and buying a $17,000 Kawasaki motorcycle, according to prosecutors. Pam Ace has been indicted on one count of conspiracy to commit bank fraud and wire fraud, 12 counts of bank fraud and four counts of wire fraud. Jonathan Ace and Forde face similar charges. http://www.bizjournals.com/boston/news/2017/05/15/feds-ex-bofa-exec-husband-embezzled-2-7m-to-spend.html?mkt_tok=eyJpIjoiTlRWaU16QmtOVE5sTldObSIsInQiOiJiaENaeHJGbEdNOG9cL1RlNlFcL204NktNZHpWOGdVZVAwclRVRkI0UjRZeWlvdVJKS1hXT3VVc284WjlLenkxN2FQa3d1YUU5bmdHRGlWNXdNMUxGcE9cL3VuaXhGU21aMXNHNDdLcWpleTFlaGRwUmkxNnhcL2p3TXM1ZER5SE9oVEQifQ%3D%3D