Michigan Man Charged With Theft and Sale of PII of UPMC Workers

A Michigan guy has pleaded guilty to hacking into the human resource databases of the University of Pittsburgh Medical Center in 2013 and 2014 and stealing 65,000 UPMC workers’ personally identifiable information (PII) and W-2 information.

Justin Sean Johnson, 30 years old, of Detroit, MI, was a Federal Emergency Management Agency (FEMA) IT professional also called as The DearthStar and Dearthy Star on darknet forums. After 6 years of hacking the databases and vending stolen records, Johnson was accused by a federal grand jury in Pittsburgh and was detained for aggravated identity theft, conspiracy and wire fraud.

Johnson at first hacked into UPMC’s Oracle PeopleSoft HR database in December 2013 and accessed the PII of 23,500 UPMC workers. Between January 2014 and February 2014, Johnson viewed the data source several times per day and downloaded PII. Johnson then sold the stolen information on darknet marketplaces like AlphaBay to crooks who utilized the records in 2014 to file lots of fake 1040 tax returns.

Based on a Department of Justice press release, the scheme brought about approximately $1.7 million fraudulent tax refunds being paid by the IRS. The tax refunds were converted to Amazon.com gift cards that were employed to buy high-value products that were delivered to Venezuela. Johnson was compensated roughly $8,000 in Bitcoin for the stolen UPMC workers’ data.

Besides the robbery and selling of UPMC worker PII, between 2014 to 2017 Johnson stole and marketed about 90,000 sets of PII on darknet forums. That data was later utilized to do identity theft and bank fraud.

Johnson recently confessed to 2 counts of a 43-count indictment and currently is waiting for sentencing. Johnson will have a maximum of 5 years jail term and will pay a fine of up to $250,000, along with a compulsory 24-months in prison and a penalty of as much as $250,000 for aggravated identity theft.

The U.S. Secret Service Special Agent in Charge Timothy Burke stated that the healthcare industry has come to be an appealing target of hackers seeking to update personal information and use it for fraud, and so the Secret Service is determined to detect and arrest those that do crimes against our Nation’s critical systems for their personal benefit.

Three other people have pleaded guilty to crimes done relating to the scheme. Maritza Maxima Soler Nodarse from Venezuela pleaded guilty in 2017 to committing conspiracy to defraud the United States with regards to the processing of falsified tax refunds. Yoandy Perez Llanes of Cuba pleaded guilty in 2017 to buying Amazon.com gift cards to launder the funds. Justin. A. Tollefson from Spanaway, WA pleaded guilty in 2017 to using stolen identities to file fake income tax returns.