DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Former Mount Sinai Medical Center employee convicted in patient ID theft for tax refund fraud scheme

Posted on October 25, 2013 by Dissent

Oliver Gayle of Miami has been convicted in an tax refund scheme involving the theft of patient information from Mount Sinai Medical Center. Gayle, who was employed as a temp, had a previous felony conviction on RICO/racketeering charges  prior to his employment at the medical center.  The South Florida Business Journal asked the medical center how he obtained employment with that criminal background. The medical center sent them a statement:

“The temp agency provided a false background check on Mr. Gayle. The document did not include his prior conviction for racketeering and the date was deleted, which masked the fact that the background check was one year old. We no longer do business with this agency and have revised our background check process so this will not happen again.”

According to testimony and evidence presented at trial, on February 27, 2013, the Aventura Police Department stopped a vehicle driven by Gayle after being alerted by a U.S. bank of an individual who attempted to cash a fraudulent check. Gayle presented a Jamaican passport as his form of identification. During an inventory search of the vehicle driven by Gayle, officers uncovered a black bag containing over 100 printouts from Mt. Sinai Medical Center Account Inquiry Processor with multiple names, dates of birth, social security numbers, and addresses of patients on each printout. Additionally, photocopies of checks written to Mt. Sinai Medical Center from various individuals with a photocopy of the corresponding billing statement from Mt. Sinai were found in the bag.

According to court documents and trial testimony, during a consensual search of Gayle’s residence, law enforcement found multiple printouts from Mt. Sinai Medical Center that appeared similar to the ones found in his black bag. Law enforcement also found copies of U.S. Treasury checks; a document labeled “HIT LIST” with a list of names, Social Security numbers and dates of birth; several tax returns in the names of other individuals; multiple Tax Act and Turbo Tax pre-paid debit cards issued in the names of other individuals; a Jamaican passport in Gayle’s name containing a counterfeit U.S. visa; and, an identification badge for Mt. Sinai Medical Center with Gayle’s name and photo.

Sentencing is scheduled for January 9, 2014 at 10:00 a.m. before U.S. District Judge Donald L. Graham.

This is not the first insider breach at Mount Sinai Medical Center reported on this blog.  In May 2012, the same U.S. Attorney’s Office announced the arrest of Keiondra Sheri Williams, who was employed as a specimen control clerk. As in the Gayle case, the data theft was discovered in the course of a search following a vehicle stop. And in both cases, printouts with patient information were found:

The affidavit filed in support of the criminal complaint alleges that on March 24, 2011, North Miami Beach Police Department stopped a vehicle for reckless driving. During a consensual search of the vehicle, law enforcement found a brief case containing what appeared to be personal identifying information from patients at Mount Sinai Hospital. The briefcase also contained seven (7) credit cards and approximately eleven (11) computer screen print outs from Mount Sinai Hospital. The words “Duplicate SS” or “IRS Accepted” were handwritten on several pages of these hospital printouts.

According to the complaint, subsequent investigation revealed that the eleven (11) computer screen print outs were printed by defendant Williams, who was employed at Mount Sinai Hospital as a specimen control clerk. The investigation revealed that within five days, Williams accessed and printed approximately 339 patient records that contained names, social security numbers, patient identification, and dates of birth. Williams had no lawful reason nor did he have authorized access to view or print these patient records. On May 30, 2012, members of the IRS Identity Theft Task Force arrested Williams in Miami Gardens.

So what steps did the medical center take after the Williams case to prevent a recurrence? And how is it that they seemingly neither prevented nor detected Gayle’s activities?

SOURCE: U.S. Attorney’s Office, Southern District of Florida and media sources

Category: Health Data

Post navigation

← Notice for Allina Health patients regarding privacy incident
Online security breach at SAH disgruntles many job seekers →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Turkish Group Hacks Zero-Day Flaw to Spy on Kurdish Forces
  • Cyberattacks on Long Island Schools Highlight Growing Threat
  • Dior faces scrutiny, fine in Korea for insufficient data breach reporting; data of wealthy clients in China, South Korea stolen
  • Administrator Of Online Criminal Marketplace Extradited From Kosovo To The United States
  • Twilio denies breach following leak of alleged Steam 2FA codes
  • Personal information exposed by Australian Human Rights Commission data breach
  • International cybercrime tackled: Amsterdam police and FBI dismantle proxy service Anyproxy
  • Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency
  • N.W.T.’s medical record system under the microscope after 2 reported cases of snooping
  • Department of Justice says Berkeley Research Group data breach may have exposed information on diocesan sex abuse survivors

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • License Plate Reader Company Flock Is Building a Massive People Lookup Tool, Leak Shows
  • FTC dismisses privacy concerns in Google breakup
  • ARC sells airline ticket records to ICE and others
  • Clothing Retailer, Todd Snyder, Inc., Settles CPPA Allegations Regarding California Consumer Privacy Act Violations
  • US Customs and Border Protection Plans to Photograph Everyone Exiting the US by Car
  • Google agrees to pay Texas $1.4 billion data privacy settlement
  • The App Store Freedom Act Compromises User Privacy To Punish Big Tech

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.