FEMA IT Staff Arrested In ID Theft & Tax Refund Fraud Scheme – eCrimeBytes Nibble #3

This is another interesting story where a FEMA insider steals tens of thousands of identities:

An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the data on the dark web.

On June 16, authorities in Michigan arrested 29-year-old Justin Sean Johnson in connection with a 43-count indictment on charges of conspiracy, wire fraud and aggravated identity theft.

Federal prosecutors in Pittsburgh allege that in 2013 and 2014 Johnson hacked into the Oracle PeopleSoft databases for UPMC, a $21 billion nonprofit health enterprise that includes more than 40 hospitals.

According to the indictment, Johnson stole employee information on all 65,000 then current and former employees, including their names, dates of birth, Social Security numbers, and salaries.

The stolen data also included federal form W-2 data that contained income tax and withholding information, records that prosecutors say Johnson sold on dark web marketplaces to identity thieves engaged in tax refund fraud and other financial crimes. The fraudulent tax refund claims made in the names of UPMC identity theft victims caused the IRS to issue $1.7 million in phony refunds in 2014.


Krebs also noted that there are LinkedIn and and Facebook profiles that appear to be associated with Johnson.

Johnson plead guilty on 5/20/21. On 10/15/21 Johnson was sentenced to 5 years on one count and 2 years on a second count, to run consecutively:


Further Reading:








Leave a Reply

Your email address will not be published. Required fields are marked *