DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Former Mount Sinai Medical Center employee convicted in patient ID theft for tax refund fraud scheme

Posted on October 25, 2013 by Dissent

Oliver Gayle of Miami has been convicted in an tax refund scheme involving the theft of patient information from Mount Sinai Medical Center. Gayle, who was employed as a temp, had a previous felony conviction on RICO/racketeering charges  prior to his employment at the medical center.  The South Florida Business Journal asked the medical center how he obtained employment with that criminal background. The medical center sent them a statement:

“The temp agency provided a false background check on Mr. Gayle. The document did not include his prior conviction for racketeering and the date was deleted, which masked the fact that the background check was one year old. We no longer do business with this agency and have revised our background check process so this will not happen again.”

According to testimony and evidence presented at trial, on February 27, 2013, the Aventura Police Department stopped a vehicle driven by Gayle after being alerted by a U.S. bank of an individual who attempted to cash a fraudulent check. Gayle presented a Jamaican passport as his form of identification. During an inventory search of the vehicle driven by Gayle, officers uncovered a black bag containing over 100 printouts from Mt. Sinai Medical Center Account Inquiry Processor with multiple names, dates of birth, social security numbers, and addresses of patients on each printout. Additionally, photocopies of checks written to Mt. Sinai Medical Center from various individuals with a photocopy of the corresponding billing statement from Mt. Sinai were found in the bag.

According to court documents and trial testimony, during a consensual search of Gayle’s residence, law enforcement found multiple printouts from Mt. Sinai Medical Center that appeared similar to the ones found in his black bag. Law enforcement also found copies of U.S. Treasury checks; a document labeled “HIT LIST” with a list of names, Social Security numbers and dates of birth; several tax returns in the names of other individuals; multiple Tax Act and Turbo Tax pre-paid debit cards issued in the names of other individuals; a Jamaican passport in Gayle’s name containing a counterfeit U.S. visa; and, an identification badge for Mt. Sinai Medical Center with Gayle’s name and photo.

Sentencing is scheduled for January 9, 2014 at 10:00 a.m. before U.S. District Judge Donald L. Graham.

This is not the first insider breach at Mount Sinai Medical Center reported on this blog.  In May 2012, the same U.S. Attorney’s Office announced the arrest of Keiondra Sheri Williams, who was employed as a specimen control clerk. As in the Gayle case, the data theft was discovered in the course of a search following a vehicle stop. And in both cases, printouts with patient information were found:

The affidavit filed in support of the criminal complaint alleges that on March 24, 2011, North Miami Beach Police Department stopped a vehicle for reckless driving. During a consensual search of the vehicle, law enforcement found a brief case containing what appeared to be personal identifying information from patients at Mount Sinai Hospital. The briefcase also contained seven (7) credit cards and approximately eleven (11) computer screen print outs from Mount Sinai Hospital. The words “Duplicate SS” or “IRS Accepted” were handwritten on several pages of these hospital printouts.

According to the complaint, subsequent investigation revealed that the eleven (11) computer screen print outs were printed by defendant Williams, who was employed at Mount Sinai Hospital as a specimen control clerk. The investigation revealed that within five days, Williams accessed and printed approximately 339 patient records that contained names, social security numbers, patient identification, and dates of birth. Williams had no lawful reason nor did he have authorized access to view or print these patient records. On May 30, 2012, members of the IRS Identity Theft Task Force arrested Williams in Miami Gardens.

So what steps did the medical center take after the Williams case to prevent a recurrence? And how is it that they seemingly neither prevented nor detected Gayle’s activities?

SOURCE: U.S. Attorney’s Office, Southern District of Florida and media sources

Category: Health Data

Post navigation

← Notice for Allina Health patients regarding privacy incident
Online security breach at SAH disgruntles many job seekers →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • AMI Group – Travel & Tours notice of ransomware attack
  • Resource: Insider Threat reports
  • Za: Cyber extortionist sentenced to eight years in jail
  • ICE takes steps to deport the Australian hacker known as “DR32”
  • Hearing on the Federal Government and AI
  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Decision That Murdered Privacy
  • Hearing on the Federal Government and AI
  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.