DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Former employee of Veterans Affairs indicted for attempted sale of personal info of veterans and employees

Posted on January 26, 2018 by Dissent

LITTLE ROCK—Cody Hiland, United States Attorney for the Eastern District of Arkansas, announced today the unsealing of an indictment charging Phillip Hill, 32, of Benton, a former Department of Veterans Affairs (VA) database manager, with attempting to sell the personal information of veterans and VA employees.

The indictment, returned by a grand jury in the Eastern District of Arkansas on January 9, 2018, and unsealed today, charges Hill with attempted trafficking of access devices (i.e., social security numbers), aggravated identity theft, and possession of device-making equipment. Hill was previously arrested on December 17, 2017, and charged via complaint on December 18, 2017. Today Hill appeared before United States Magistrate Judge Joe J. Volpe and was released on bond. Trial is set for March 5, 2018.

The investigation revealed that Hill offered to sell the personal data of veterans, their dependents, and VA employees for $100,000 to a confidential source working with law enforcement. Hill was terminated by the VA on December 6, 2017. After being fired from the VA, Hill said he could still access the information remotely with a VA computer in his possession, or by stealing a VA server. Hill was arrested outside a secure area at the VA that housed the data he was offering for sale. Law enforcement officers executing a search warrant found a VA computer in Hill’s home.

“Mr. Hill tried to use his position and skills to enrich himself at the expense of veterans who have honorably served our country, and the VA employees working to serve them,” Hiland said. “This indictment reflects our commitment to defending our veterans and federal employees from those who take advantage of their public service by illegally accessing and selling their personal information. It will not be tolerated and will be prosecuted to the fullest extent of the law.”

Law enforcement officers arrested Hill before he could sell the VA data. Through a variety of investigative methods, investigators also discovered that Hill committed aggravated identity theft by using the personal information of another person, and illegally possessed blank identification cards.

The maximum penalty for trafficking in social security numbers is up to 10 years’ imprisonment and three years of supervised release. The penalty for aggravated identity theft is two years’ imprisonment and one year of supervised release. The maximum penalty for possessing access device-making equipment is up to 15 years’ imprisonment and three years of supervised release. Additionally, each of these offenses is also punishable by a fine of not more than $250,000.

The case is being investigated by the Department of Veterans Affairs, Office of Inspector General, and United States Secret Service. It is being prosecuted by Assistant United States Attorneys Ali Ahmad and Hunter Bridges.

An indictment contains only allegations. A defendant is presumed innocent unless and until proven guilty.

Source: U.S. Attorney’s Office, Eastern District of Arkansas

Related posts:

  • Veterans Administration responds to Freedom of Information request; releases breach reports
  • Operation Phish Phry reels in 100 in U.S. and Egypt
  • IRS’s Top 10 Identity Theft Prosecutions
Category: Government SectorInsiderU.S.

Post navigation

← NM: Dr. Zachary E. Adkins DDS, LLC notifies patients of stolen hard drive
Jail for man who hacked 1000 student email accounts in search for sexually explicit images →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit
  • British national “IntelBroker” charged with causing $25 million in damages; U.S. seeks his extradition from France
  • France issues press statement about arrest of ShinyHunters members
  • Patients Allege Home Delivery Pharmacy Failed to Timely Notify Them of Data Breach

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions
  • NY Attorney General James Affirms Hospitals Must Provide Access to Emergency Abortion Care
  • How Internet of Things devices affect your privacy – even when they’re not yours

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.