There’s an update to a case previously noted on this blog.
A member of an international cybercrime, identity theft and credit card fraud conspiracy was sentenced yesterday to 21 months in prison for using information hacked from customer accounts held at more than a dozen banks, brokerage firms, payroll processing companies and government agencies in an attempt to steal at least $15 million from American customers, U.S. Attorney Paul J. Fishman of New Jersey announced.
Robert Dubuc, 41, of Malden, Massachusetts, previously pleaded guilty before U.S. District Judge Peter G. Sheridan to an information charging him with one count of wire fraud conspiracy and one count of conspiracy to commit access device fraud and identity theft. Judge Sheridan imposed the sentence today in Trenton federal court.
According to documents filed in the case and statements made in court:
Both Dubuc and Oleg Pidtergerya, 50, of Brooklyn, New York, were asked by leaders of the conspiracy to participate in a scheme to “cash out” bank accounts and pre-paid debit cards opened in the names of others. Oleksiy Sharapka, 34, of Kiev, Ukraine, allegedly directed the conspiracy with the help of Leonid Yanovitsky, 39, also of Kiev. Pidtergerya managed a cash-out crew in New York for Sharapka and Yanovitsky, and defendant Dubuc controlled a cash-out crew in Massachusetts for the organization.
Conspiring hackers first gained unauthorized access to the bank accounts of customers of more than a dozen global financial institutions and businesses, including: Aon Hewitt; Automatic Data Processing Inc.; Citibank N.A.; E-Trade; Electronic Payments Inc.; Fundtech Holdings LLC, iPayment Inc.; JP Morgan Chase Bank N.A.; Nordstrom Bank; PayPal; TD Ameritrade; U.S. Department of Defense, Defense Finance and Accounting Service; TIAA-CREF; USAA; and Veracity Payment Solutions Inc.
After obtaining unauthorized access to the bank accounts, Sharapka and Yanovitsky diverted money to other bank accounts and pre-paid debit cards they controlled. They then implemented a sophisticated “cash-out” operation, employing crews of individuals known as “cashers” to withdraw the stolen funds from the fraudulent accounts, among other ways, by making ATM withdrawals and fraudulent purchases in New York, Massachusetts, Illinois, Georgia and elsewhere. Both Sharapka and Yanovitsky are under indictment in the United States and remain at large.
During their guilty plea proceedings, Pidtergerya and Dubuc admitted they were aware fraudulent accounts and cards were created without the consent of the individuals in whose names they were opened. Both men admitted coordinating ATM and bank withdrawals of the stolen funds. In addition they admitted to sending proceeds of the fraud to Sharapka and Yanovitsky in Ukraine.
The government’s ongoing investigation into the organization has so far identified attempts to defraud the victim companies and their customers of more than $15 million.
In addition to the prison term, Judge Sheridan sentenced Dubuc to serve three years of supervised release and pay restitution in the amount of $338,685. Sentencing for Pidtergerya is scheduled for Dec. 22, 2014.
SOURCE: U.S. Attorney’s Office, District of New Jersey