Last week, I posted a copy of a press release from the US Attorney’s Office in Maryland stating that Shanell Angelia Bowser had pleaded guilty to stealing personally identifying information of insurance claimants submitted to her employer, described as an unnamed medical insurance adjuster. The release also mentioned that Bowser and/or her co-schemers had also stolen patient information from an unnamed local health care facility. In total, the information of at least 207 individuals was used in at least 373 applications for credit accounts from financial institutions. Of those applications, at least 125 fraudulent accounts were opened and used to make purchases in the names of 89 individual victims.
DataBreaches.net can now report that the health care facility was Johns Hopkins, and that this was not a breach that has been previously reported in the media. According to hospital spokesperson Gary Stephenson, in late 2005, the hospital terminated an employee after learning of the theft. They notified 111 known or potentially affected patients or family members, suggesting that the remaining victims were individuals whose data were stolen from the insurance adjuster’s firm. The U.S. Attorney’s Office tells DataBreaches.net that the hospital employee was Michelle Courtney Johnson. Johnson was indicted at the same time as Bowser. Her case is awaiting trial.
Johnson’s co-schemer, Bowser, was employed by Crawford & Company. Crawford & Company’s web site describes them as the world’s largest independent provider of claims management and related solutions to the risk management and insurance industry as well as self-insured entities. It has a global network of more than 700 locations in 63 countries.
According to her guilty plea, Bowser was stealing claimant data from August 2005 to November 2008. The Maryland Attorney General’s Office informs DataBreaches.net that the firm did not submit any breach notification. Calls to the company requesting clarification and a response to the guilty plea were not returned by the time of publication.