WASHINGTON–After earlier suggesting a 2014 data hack of a federal agency contributed to the filing of false loan applications four years later at a credit union, the Justice Department is criticizing a U.S. Attorney’s Office in Virginia for making the allegation.
As CUToday.info reported earlier here, the 2014 hacking of the Office of Personnel and Management (OPM) by what is believed to be Chinese hackers involved data related to some 22-million people, with some of that data allegedly having been used in the taking out of bogus loans at Langley FCU. In June, two people, Kariva Cross, 39, and Marlon McKnight, 40, admitted in court in Newport News, Va., to having used stolen member data to apply for the funds.
At the time of the guilty pleas, the Eastern District of Virginia suggested the OPM data had been involved, although a spokesperson had declined to elaborate on how the two defendants got access to OPM data, the Washington Post reported.
But now the Justice Department has sent a letter to Sen. Mark R. Warner (D-VA) in which it stated the press release from the U.S. attorney for the Eastern District of Virginia “implied a premature conclusion that the exclusive and known source of the stolen identities used in the . . . fraud case was the OPM data breach.”
On the Contrary
On the contrary, the Justice Department said, “because the victims in this case had other things in common in terms of employment and location, it is possible that their data came from another source.”
A former Department of Homeland Security official, who spoke with the Washington Post on the condition of anonymity to discuss sensitive national security issues, said he was skeptical that the stolen personal information came from the OPM hack.
Had the information leaked from China, he said, “it probably would have been abroad first, and we would have seen it on a much broader scale,” the Post quoted him as saying.
The Post further noted that if the Virginia fraud were definitively linked to the OPM hack, it would bolster federal employees’ efforts to sue the government over the breach. In September, a federal judge in the District dismissed a lawsuit seeking compensation, saying the plaintiffs failed to show any “actual economic harm” from the breach.
That case is being appealed.
Under the ruse used against Langley FCU, the defendants posed as the owners of cars and then cashed loan checks or received wire transfers from the accounts they set up, prosecutors said. The scam began to unravel when one victimized member received a past-due balance notice on a vehicle loan and contacted the credit union, according to court documents.