Chicago Theft Ring Received Sentences For Card Skimming Crimes

In a Chicago court, several defendants were sentenced for card skimming thefts and fraud. The sentences ranged from six years of prison time for the ringleader to two years of probation for other members of the theft ring.

The thieves, working with employees at several fast-food restaurants in Chicago, had allegedly swiped consumers' debit/credit cards through small portable readers to obtain their card numbers. The theft ring then allegedly created fake cards with the stolen card numbers and purchased about $200,000 in merchandise.

Affected consumers had accounts at several banks: Chase, Citibank, Fifth Third Bank Harris Bank, U.S. Bank, Bank of America, and American Express. Reportedly, the banks assisted local law enforcement with the investigations. The seven defendants included:

• Joseph Woods, 33 (the ringleader)
• William Washington, 31
• Alex Houston, 23
• Britain Woods, 34
• Jenette Farrar, 35
• Essence Houston, 29
• Kenyetta Davis, 33,

Congratulations to both local law enforcement and the judicial system.

Hacker Sentenced To Prison For Sony Data Breach

You may remember a series of data breaches during 2011 at Sony Online Entertainment and the Sony Playstation Network. ComputerWorld reported that 25-year-old Cody Andrew Kretzinger was sentenced to one year plus one day in prison for his role in the May 2011 hack into Sony Picture's systems and databases. After serving prison time, Kretzinger will also serve one year of home detention.

Kretzinger was a member of the LulzSec hacker group. Another group member, Hector Xavier Monsegur, was arrested in June 2011 and then served as an F.B.I. informant. Monsegur will be sentenced in August 2013.

The Mugshot Industry. Accurate Information That Is Beneficial For Consumers?

Thursday night, ABC Nightline reported about problems consumers encountered with the mugshot industry -- websites that publish online photos of citizens arrested by law enforcement. While there have been very public, high-profile cases of celebrities' mugshots, the reality is that many consumers have been affected.

You've never heard of the mugshot industry? Neither had I until this Nightline report:

"Here's how it works, the sites legally download the latest mug shots from police web sites [that] published the faces of alleged lawbreakers on the Internet. And then often charge the accused of -- sometimes hundreds of dollars to pull all the photos..."

That's right. The sites charge consumers a fee, sometimes called a "take-down fee," to remove their mugshot photos. There are several problems with this. First, after paying one website to remove their mugshot photo, many consumers find that their mugshot photos re-appear on another website. Second, many sites don't consistently remove mugshot photos of consumers wrongfully arrested or found innocent by a court:

"... Sofia on Roddy says that was not her experience dealing with other companies she says she explained over and over again how she was the victim. And how the photos were preventing her from obtaining employment. And she provided these court document showing that prosecutors cleared her case. This was a wrongful arrests. And the case was dismissed by the state attorney's office. But her picture remains published..."

That does not sound good at all. According to ABC Nightline, there are 60 such mugshot websites. I searched online and easily found several within five minutes:

• Tampa Bay Mugshots (Florida)
• Busted! Mugshots
• Sarasota Mugshots (Florida)
• Springfield Mugshots (Missouri)
• Just Mugshots
• Shasta Mugshots (California)
• Gwinnett County Mugshots (Georgia)
• Mugshots Ocala (Florida)
• Mugshots Atlanta (Georgia)
• Go Upstate Mugshots (South Carolina)
• Cincy Mugshots (Ohio)
• Mugshots Gainsville (Florida)
• Who's Arrested

Some sites focus on a specific city or country, while others include several states and/or geographic areas. I am sure that some sites operate responsibly. Some are operated by newspapers. Why is this industry growing quickly? The ABC Nightline report interviewed one mugshot website operator, who admitted:

"Think of how many people have been arrested. Now put a small service fee on data -- of people and you can see why the industry is sort of taken off..."

Some consumers are fighting back. First, there is at least one blog about the mugshot industry. Increasing awareness among consumers is always good.

Second, in Florida legislators introduced a new bill (HB 677) to require mugshot website operators to automatically take down photos when consumers are found not guilty, or the charges were later dropped. That seems to be a very appropriate common-sense law.

Third, there is a class-action lawsuit in Ohio against several mugshot websites. According to Findlaw, the lawsuit claims:

"... these mugshot websites violate a person's right to publicity... to control how their own names and likenesses are used in the public domain, similar to how someone would own a copyright or patent... these mugshot websites may not publish such photos for the sole purpose of profiting off them, the lawsuit claims. The suit asserts that the websites' primary purpose for publishing these mugshot photos is so that those charged with a crime will pay money to remove their pictures."

The credit reporting industry is catching some most-deserved criticism about high error rates in credit reports. Plus, a couple federal laws govern and dictate a consistent process for consumers to report and challenge errors in credit reports. Accuracy seems important for the mugshot industry. HB 677 is a good start, but that is only one state. Issues with the mugshot industry are likely to continue until consumers pressure their elected officials for improved laws that better balance the privacy rights of consumers with the publishing rights of mugshot websites.

Watch the ABC News/Nightline report. And, learn more about the class-action lawsuit in Ohio.

What do you think of the mugshot industry? If you have been affected by, or paid a take-down fee to a mugshot website, what was your experience?

Former MLB Player Jailed On Fraud And Identity Theft Charges

This story caught my attention for reasons you might find surprising. It did not catch my attention because it involves a celebrity. It caught my attention because it shows how employees and independent contractors can become identity theft and fraud victims via an employer.

The Sports Illustrated article, "How Lenny Dykstra Got Nailed" explains how former Major League Baseball player Lenny Dykstra was jailed on identity theft and fraud charges. To fund a lavish lifestyle, Dykstra allegedly asked his employees to use their credit cards, never repaid them for the purchases, and used without authorization their sensitive personal information (e.g., Social Security Number) to apply for loans.

This story also highlights the importance of filing identity-theft and fraud complaints with both local law enforcement, the FTC, and the CFPB. Filed complaints allow law enforcement to discover patterns they might not discover otherwise.

Wilberto Hernandez, a personal credit repair consultant in Los Angeles had phoned local police after he received a notice from a credit agency that his Social Security number had been presented for credit checks at two car dealerships. Hernandez had helped one of Dykstra's business associates with credit repair services. Local police quickly saw a pattern among police reports filed:

"By Christmas 2010, [the police detective] had spoken with 17 people—personal assistants, drivers, private jet pilots and housekeepers—who claimed that Dykstra did not pay them for services, used their credit cards or got hold of their Social Security numbers and opened credit cards in their names."

One victim's situation was particularly instructive:

"Christopher Gavanis, then 30, had just moved to Los Angeles from Pennsylvania. Gavanis... couldn't afford a car to help him find work—but he did have a sterling credit rating. According to an interview police conducted with Gavanis on April 14, 2011, Dykstra promised him the car he desperately needed in return for the use of his credit... Dykstra also promised Gavanis a job with Home Free Systems once clients started rolling in..."

When Corporate Executives Commit Identity Theft And Fraud

What happens when corporate executives do bad things? This blog has covered law enforcement actions that usually involve low-level employees, workers, or technicians that have committed identity theft and fraud. Do senior-level (also known as C-Suite) corporate executives or owners of businesses experience the same consequences when caught?

One answer to this question is in the courts. I didn't have to look far with Google.com to find court cases.

In U.S. v. Abdelshafi, the owner of a medical transportation company was convicted of submitting fraudulent health care billing claims and aggravated identity theft after using patients' medical information to submit fraudulent bills for trip services that never happened. The CCH Healthcare publication reported about a January 2009 court decision about then length of the owner's court sentence:

"The transportation company contracted with a HMO to provide medical transportation services to Medicaid patients... It was discovered that the owner of the transportation company submitted claims with substantially inflated mileage amounts and also claims for trips that did not occur, enabling the owner to collect at least $303,329 in fraudulent payments... The Court of Appeals for the Fourth Circuit noted, however, that while the owner did have the lawful authority to use the identifying information for proper billing purposes, he did not have the lawful authority to use Medicaid patients' identifying information to submit fraudulent billing claims... U.S. Sentencing Guidelines provides that an individual's offense level should be increased by two levels if the individual abused a position of trust that significantly contributed to the commission of the offense... The owner abused the authority of his position by misusing the Medicaid patients' identification information to file fraudulent claims for payment. Therefore the sentence enhancement was proper."

Then, there's this case from BenefitsLink.com about an employee who stole another employee's identity and then used that identity information to steal money from the victim's 401-K retirement account. While the criminal was not a senior level executive, the case includes identity theft and 401-K retirement account fraud:

"A former employee of a Kansas City, Mo., gaming casino was sentenced to one year in federal prison and three years of supervised probation after completion of her prison term. Dana Wachter also was ordered to make approximately $38,000 in restitution stolen from a co-worker... Wachter was sentenced June 29, 2009 in U. S. District Court for the Western District of Missouri. She was indicted in June 2008 on one count each of aggregated identity theft, mail fraud and theft... The indictment contends that, in March 2007, Wachter used her co-worker's social security and personal identification numbers to authorize an $18,000 distribution from her co-worker’s 401(k) account. Wachter is further alleged to have used the mail to steal a distribution check and forged the participant’s signature on the check."

To find more white-collar crime, one doesn't have to search far. I decided to broaden my searches for cases that didn't necessarily include identity theft. The U.S. Attorney Office in Nebraska published this news release involving a C-Suite executive:

"On March 3, 2009, the Honorable Judge Laurie Smith Camp sentenced Marilyn Adams, 66, of Omaha, Nebraska, to a term of 12 months in prison followed by 3 years of supervised release... Adams was indicted in April of 2008 in a two count indictment alleging that a nursing staffing business she formed, AMS Healthcare Services, withheld monies from the paycheck of its employees for purposes of making contribution to a company sponsored 401K program through Hartford Life Insurance Company. Adams, along with her son, Jeffrey Adams, withheld $111,136 dollars with the promise of forwarding those funds to the Hartford Life Insurance Company. Marilyn Adams, as the company president and plan administrator was required to file forms with the Department of Labor documenting funds withheld and transmitted to the 401K plan. Judge Smith Camp ordered Marilyn Adams to pay restitution in the $111,136 dollar amount to the 39 former employees from whom she stole."

I'll bet that those 39 employees felt they had been mugged when they didn't see the contributions to their 401-K accounts while the company deducted money from their paychecks.

Then, I visited the the U.S. Department of Labor (DOL) site to see what else I could find. The DOL site publishes summarizes of the court cases -- both civil and criminal -- it prosecuted during the past year, and the money collected. The agency's March 2010 Fact Sheet reported:

"... in Chao v. Gene Shawn Group, et. al., the U.S. Department of Labor obtained a Consent Judgment and Order. The Consent Judgment requires defendants Young Jin Lee and Juliette Lee, owners of the Gene Shawn Group, LLC dba A-Q Dental Laboratory (Company), to repay $32,587, including interest, to the A-Q Dental Laboratory 401(k) Profit Sharing Plan. The Consent Judgment holds the Lees responsible for restoring any losses remaining after the conclusion of the Company’s bankruptcy proceedings. Additionally, the Lees were permanently enjoined and restrained from future service as a fiduciary of, or service provider to, any ERISA-covered plan. The Department alleged that the defendants violated ERISA by failing to remit employee contributions, employer matching contributions and loan repayments to the plan."

Here's one of several criminal cases summarized in the Fact Sheet:

"... Mark Harrington was sentenced to 2 years imprisonment, 24 months probation, and ordered to pay restitution of $349,870. On April 14, 2009, Mark Harrington pled guilty in the U.S. District Court for the District of Massachusetts to embezzlement from an employee pension fund. Mr. Harrington had been the Vice President and Controller at Anchor Capital Advisors, LLC and in this position he also acted as the Plan Administrator for the Anchor Employees' 401(k) Plan (Plan)... As the Plan Administrator, he directed the custodians of the Plan's assets to make distributions totaling $386,711.70 to various fictitious entities. At the same time, he employed the services of a relative to establish bank accounts at different banks in the name of these fictitious entities and to deposit the distributions into those bank accounts. Harrington used the stolen funds to buy a home, a Cadillac Escalade, breast implants, jewelry and other items."

Another summary:

"... in Chao v. Craig Wagner, the U.S. Department of Labor obtained a default judgment ordering Concrete Construction Co. of Acworth, Georgia, and its president, Craig Wagner, to restore $11,672 in employee contributions, employer contributions, and interest to the company’s 401(k) plan. The Department alleged that the defendants violated the Employee Retirement Income Security Act (ERISA) when they withheld employee contributions to the plan and illegally commingled the contributions with the general assets of the company..."

The fact sheet also published statistics about the agency's performance. In 2009, the DOL closed 1,042 civil cases of which 87% (910) included violations, and closed 64 criminal cases of which 52% included criminal indictments -- both totaled about $17.9 million.

The fact sheet also includes historical agency performance. In 2007, the agency prosecuted cases with judgments totaling more than $51 million. In 2004, the agency closed almost 1,600 civil cases. In 2003, the agency the judgments totaled more than $135 million. That's a lot of money. That's a lot of crime.

This fact sheet was a good read. C-Suite executives seem to receive similar consequences as lower-level employees.

The historical statistics indicate to me that there is (and has been) a significant amount of crime by people usually in a position responsible for employee 401-K retirement plans -- often C-Suite executives. I could have listed more court case summaries, as I found more cases involving medical identity theft.

After reading these court summaries, I can only imagine that the C-suite executives in these cases were arrogant and felt entitled to use other peoples' money as if it was theirs to use as they please. I'd like to congratulate the DOL Employee Benefits Security Administration for those achievements. I look forward to reading the agency's fact sheet in 2011 about its accomplishments during 2010.

TJX Hacker Gets 4 Years In Prison

It's important to note when identity thieves get what they deserve in court. The Wired Threat Level blog reported last week:

"Humza Zaman, a co-conspirator in the hack of TJX and other companies, was sentenced Thursday in Boston to 46 months in prison and fined $75,000 for his role in the conspiracy... Zaman, a 33-year-old former network security manager at Barclays Bank, was charged with laundering between $600,000 and $800,000 for hacker Albert Gonzalez, who is currently awaiting sentencing on charges that he and others hacked into TJX, Office Max, Heartland Payment Systems and numerous other companies to steal data on more than 100 million credit and debit card accounts. Zaman pleaded guilty in April to one count of conspiracy. His sentence includes three years of supervised release with the condition that Zaman must disclose his conviction to any future employer. Upon release, Zaman will not be barred from using computers."

The group used money mules to withdraw money from ATM machines with stolen bank account information and to wire money to overseas accounts in Latvia. In December 2009, former Morgan Stanley programmer and co-conspirator, Stephen Watt, received two years in prison. Watt wrote the code for a sniffer computer program used to steal card account data from the TJX network. For his role in the conspiracy and thefts, experts say Gonzalez may receive at least 17 years in prison.

Man Receives Prison Sentence For International Check Scam

A popular topic on this blog topic has been check scams and tips for consumers about how to recognize them. It is always good to read about the prosecution of fraudsters and scam artists by law enforcement.

KABC Television in Los Angeles reported that a Nigerian national was sentenced Monday to 97 months in federal prison for operating an international check scam:

"Prosecutors say that 39-year-old Alvin Chiemezie Asieru bilked hundreds of victims out of more than $1.5 million. Asieru was also ordered to pay full restitution to his victims. He pleaded guilty last year to one count of mail fraud, admitting that he participated in an international telemarketing scheme that defrauded almost 500 American victims. Prosecutors say Asieru's scheme involved sending fradulent checks to victims, telling them that they had either won a contest, had been chosen to participate in a promotion, or were being offered employment as "secret shoppers."

An Example of Insider Medical Identity Theft

From the Billings, Montana Gazette:

"A 33-year-old Columbia Falls woman has been sentenced to two years in prison and ordered to pay more than $18,700 in restitution for her role in an identity theft case... Prosecutors say [Andrea] Mackowiak took names, Social Security numbers and dates of birth from patient account records at a clinic and gave the information to a person in Washington state. That person used the information to set up Qwest telephone accounts that were used by prison inmates."

Thanks to local law enforcement that this identity criminal was caught and prosecuted.

Former Councilman Gets One Year In Prison For Computer Spying

I think that it is important for criminals to experience consequences. The ends do not justify the means. The Greenville News (North Carolina) reported:

"A federal judge sentenced former Greenville County councilman Tony Trout to one year in prison on computer spying charges on Wednesday, telling the former police officer that he violated the public's trust... Trout told U.S. District Judge Henry Floyd that he was wrong to implant a bug on County Administrator Joe Kernell's computer that allowed him to access Kernell's personal emails... A jury convicted Trout in April on four counts of computer spying and wiretapping after Trout testified in his own defense that he didn't know that it was illegal to intercept Kernell's personal e-mails through the administrator's computer and private Yahoo account. Trout's stated intention was to expose what he saw as government corruption and that he thought county employees had no right to privacy on work computers..."

Trout's actions violated the Electronic Privacy Communications Act.

F.B.I. Task Force Prosecutes Post-Hurricane Katrina Identity Thieves

I like to acknowledge the work of law enforcement to pursue, prosecute, and sentence identity thieves and scam perpetrators. Last week, the U.S. Federal Bureau of Investigation (F.B.I.) announced:

"The Hurricane Katrina Fraud Task Force has brought federal charges against 907 individuals in 43 federal judicial districts across the country since Hurricane Katrina made landfall in southern Louisiana in August 2005..."

The Department of Justice established the Hurricane Katrina Fraud Task Force after the devastation of Hurricane Katrina in September 2005. The Task Force is responsible for:

"... deterring, detecting, and prosecuting individuals who try to take advantage of the disasters related to Hurricanes Katrina, Rita, Wilma, Gustav, and Ike, as well as other natural disasters. The Task Force tracks referrals of potential cases and complaints, coordinates with law enforcement agencies to initiate investigations, and works with the appropriate U.S. Attorneys’ Offices to ensure timely and effective prosecution of disaster-related fraud cases."

It is sad that a task force is needed to combat this criminal activity. You can read the F.B.I. press release for details about specific cases where identity thieves were prosecuted and jailed. The F.B.I. advises consumers to report fraud, waste, abuse or allegations of mismanagement involving disaster relief operations to the Disaster Fraud Hotline at 866-720-5721, the Disaster Fraud Fax at 225-334-4707 or the Disaster Fraud e-mail at disaster@leo.gov.

Brooklyn Man Sentenced For Identity Theft

In April I wrote about a trial where the jury convicted an identity thief, Lamar Whitehead, of stealing the identities of several consumers and businesses. Last week, Robert Clifford, the Director of Communications for the Suffolk County New York District Attorney Thomas Spota, provided a copy of the following news release:

July 1, 2008

Brooklyn man sentenced for ID Theft

A Brooklyn man was sentenced Monday, June 30, to ten to 30 years in prison for running an ID theft scheme that victimized local and out-of-state residents and businesses. Lamar Whitehead of 6 Macon Street in Brooklyn was convicted in April of stealing credit information and applying for loans from online banks using his victims’ names. The investigation by the ID theft Unit of the Suffolk County police department unraveled a complex tangle of Whitehead’s cell phone and internet communications. The investigation found the defendant filed credit applications to purchase Land Rover SUV’s and secure equity lines of credit from online banks.

During a trial that lasted from February 4 until April 1 of this year, jurors reviewed bank, Internet and phone records. After four days of deliberations, Whitehead was convicted of fourteen counts of first degree identity theft, a class “D” felony punishable by two and one-half to seven years incarceration, three counts of identity theft in the third degree, a misdemeanor, and one count of scheme to defraud, a felony punishable by a prison term of one and one-third to four years.

For those who are interested, the Suffolk County New York DA web site contains a photo of the identity thief.

10 to 30 years is definitely a hefty prison term. It is good to read news items about law enforcement catching identity thieves. It's even better to read news items about significant sentencing results. Thanks to the Suffolk County New York DA's office.

Medical Fraud A Growing Problem

We all want effective government, not just small government. When fraud occurs, all taxpayers end up paying. According to a recent news item in the Washington Post:

"All it took to bilk the federal government out of $105 million was a laptop computer. From her Mediterranean-style townhouse, a high school dropout named Rita Campos Ramirez orchestrated what prosecutors call the largest health-care fraud by one person. Over nearly four years, she electronically submitted more than 140,000 Medicare claims for unnecessary equipment and services... the simplicity of Campos Ramirez's scheme underscores the scope of the growing fraud problem and the need to devote more resources to theft prevention. Law enforcement authorities estimate that health-care fraud costs taxpayers more than $60 billion each year."

To combat the problem, authorities have formed a Washington-based strike force, which works with a small group of U.S. attorney's offices. This strike force has opened in the past year about 900 criminal investigations and convicted 560 defendants in health-care fraud offenses across the country. But there's lots more to do.

Will Ramirez serve jail time? Yes, but:

Sentenced to 10 years, Campos Ramirez, 60, may yet reduce her prison term by helping authorities unwind "the large web of medical clinics, doctors, nurses, money laundering companies and HIV clinic financiers who participated in this massive fraud," prosecutors wrote earlier this year in court papers.

Jury Convicts New Jersey Man Of Identity Theft

I am pleased to forward news when an identity thief receives what they deserve. Empire State News reported:

"The jury convicted Lamar Whitehead, 29, of stealing the identities of local and out-of-state residents and businesses. The scam involved Whitehead’s stealing of identities and applying for loans from online banks using his victims’ names. The defendant often used the loans to buy luxury automobiles, or open equity lines of credit. Whitehead was convicted of 14 counts of first degree identity theft, a felony punishable by 2 1/2 to seven years in prison; three counts of identity theft in the third degree, a misdemeanor, and one count of scheme to defraud, a felony punishable by a prison term of 1 1/3 to four years."

Newsday also reported about the conviction:

"... prosecutors, who portrayed Whitehead as a criminal "ringleader" who used his ex-girlfriend to obtain credit information from a Patchogue car dealership, said the partial verdict showed the jury's diligence in weighing each count. The verdict came after four days of deliberation. Prosecutors said Whitehead's victims stretched as far as Tennessee and Georgia."

The only problem I see with the conviction is that Whitehead should have also been forced to make restitution to his ID-theft victims.

Seattle Man Sentenced To 51 Months In Prison For Identity Theft

I am pleased to forward news when identity thieves receive what they deserve. The Seattle Post-Intelligencer reported:

"Kopiloff pleaded guilty to aggravated identity theft, mail fraud and accessing a protected computer without authorization to further fraud. He victimized more than 50 people and caused about $70,000 in losses, according to court records."

Readers should also note:

"The peer-to-peer network Kopiloff exploited is the type that is used to swap music online. Kopiloff used software such as LimeWire to search the computers of members of the file-sharing network for federal income tax returns, student financial aid applications and credit reports, according to prosecutors. The stolen merchandise would be shipped to mailboxes around the Puget Sound region, then sold for about half its retail value."

This story should be a warning to consumers about both the risks with file-sharing software, and the need to properly configure home firewall, wireless network, and anti-virus software.

Judge Hands Identity Thief The Maximum Sentence

From the St. Louis Today newspaper:

"A federal judge handed down a maximum sentence Friday to an identity thief who authorities said began a new scheme while still serving time in a halfway house for a previous one. The thief, Robert Unique Haines, 43, of the St. Louis area, must serve 14 years in prison, the U.S. attorney's office said. He pleaded guilty in October of conspiracy, aggravated identity theft, fraud with identification documents and escape."

Apparently, Haines recruited employees at an Old Navy store and at United Healthcare to steal customers' personal information. The thieves used the personal data to open credit accounts in the customers' names or take over their accounts. The theft was pretty extensive:

"The shoppers got cash and permission to use the cards for their own purchases, officials said, while Haines and others would sell the merchandise at a discount for cash. Investigators located 58 customer victims and $150,000 in fraudulent purchases or charges, although the companies notified more than 15,000 that their information was at risk.

The conspirators also received prison sentences:

"Former United Healthcare employee Clare Hungerford, 37, of the 11000 block of Hidden Lake Drive in St. Louis, was sentenced last month to four years in prison in the case. Former Old Navy employee Timothy Short, 32, of the 900 block of Concordia Lane, was sentenced in November to two years in prison. Six others have also pleaded guilty to related charges and were ordered to serve sentences of probation to 75 months in prison."

While the good news in this story was that the thieves were caught and sentenced, there is a cautionary message. The thefts relied on employees working inside the companies. This should be a signal to companies everywhere that security checks both before and during employment are necessary.

Chicago Woman Gets 8 Years For Identity Theft

I like reading news stories about identity thieves who were caught and convicted. The Chicago Tribune newspaper reported:

"A Chicago woman who used a stolen identity to buy a house and a vehicle was sentenced Monday to 8 years in prison. Denise Williams, 37, bought a $173,000 house in the 6000 block of South May Street and a $24,000 Chevrolet Equinox using the personal information of a woman whose wallet was stolen during a trip to Chicago, said Andy Conklin, a spokesman for the Cook County state's attorney's office. Williams was not accused of stealing the wallet, but she used its contents, including the victim's Social Security card, to buy the home and the vehicle, Conklin said. It's unclear how she obtained the wallet."

The story demonstrates the damage identity thieves can do with a SSN, birthdate, and name. The story highlights the fact that identity information is bought and sold by numerous criminals. In my opinion, 8 years in prison sounds about right.