I’ve been doing some research for insider threat training content I’m creating, and I ran across a recent judgment against a bank employee for identity theft. This provides some good lessons to organizations for the insider threat, and would make a great case study for any organization to help personnel improve the ability to better protect personally identifiable information (PII).
Here’s the news release from the The United States Attorney’s Office for the Southern District of Texas…
“AMEGY BANK EMPLOYEE SENTENCED FOR IDENTITY THEFT
(HOUSTON, Texas) – Former Amegy Bank senior banker Lamont Wallace, 34, of Houston, Texas, has been sentenced to 36 months in federal prison, U.S. Attorney Don DeGabrielle announced today. U.S. District Judge Sim Lake also sentenced co-defendant Ifeyhewen Badidi, a 34-year-old illegal immigrant from Liberia, to 57 months in federal prison.
Wallace pleaded guilty to conspiracy to commit bank fraud and aggravated identity theft, while Badidi pleaded guilty to mail fraud and aggravated identity theft. Wallace was also ordered to serve three years supervised release after he completes his prison term. It is expected that Badidi will be deported after he has served his sentence.
Senior banker Lamont Wallace acquired the personal bank account information of Amegy Bank customers and sold the information to an individual named Chukwemeka Felix Iroh. Iroh and Badidi used that information to unlawfully transfer funds from the accounts to other bank accounts the conspirators had established using the stolen identity of others. Investigators discovered a total of $161,000 unlawfully transferred from the compromised Amegy Bank accounts. Bank investigators detected the scheme and froze the funds before the conspirators could withdraw the money.
Iroh, a Nigerian national, pleaded guilty to conspiracy to commit bank fraud and aggravated identity theft and is scheduled to be sentenced May 22, 2008. Both Badidi and Iroh have been in federal custody since there arrest in May 2007. Wallace has been permitted to remain free on bond pending an order to surrender to a Bureau of Prisons facility to be determined in the near future.
This case was investigated by Inspectors of the United States Postal Inspection Service and is being prosecuted by Assistant United States Attorney Jay Hileman.”
Think about the controls that could have been in place to help prevent this type of co-conspiracy from occurring in the first place…there are several.
Tags: awareness and training, Chukwemeka Felix Iroh, Ifeyhewen Badidi, Information Security, insider threat, IT compliance, Lamont Wallace, personally identifiable information, PII, policies and procedures, privacy, risk management, security awareness, security training