Here is yet another case that reminds us of the insider threat. In this case, the defendants misused Epsilon’s algorithms to predict and sell lists of consumers most likely to respond to fraudster’s schemes’ mailings. Epsilon settled its criminal liability via a deferred prosecution agreement to pay $150 million in penalties and victim compensation and to take other steps.
The following is the government’s press release, issued yesterday, about the sentencing of former employees involved in the scheme and wrongdoing.
Some readers may remember Epsilon’s name from a massive data breach in 2011, after which they promised to build a “Fort Knox” security system. Did their security do enough to recognize the insider threat in this situation? The insider wrongdoing in this case reportedly continued between 2008 and 2017, even after Epsilon strengthened its security. Their settlement with the government in 2021 identifies yet additional steps Epsilon took following the discovery of this situation to prevent another situation of this kind.
September 30 – Two men were sentenced to prison today for selling targeted lists of U.S. consumers for the benefit of mass-mailing fraud schemes that defrauded hundreds of thousands of Americans out of tens of millions of dollars. Following a two-week trial, a federal jury convicted Robert Reger, 57, of Boulder, Colorado, and David Lytle, 64, of Leawood, Kansas, of conspiracy to commit mail and wire fraud and numerous counts of substantive mail fraud and wire fraud. For these crimes, the U.S. District Court for the District of Colorado sentenced Reger, 57, to 120 months in prison, and Lytle, 64 to 48 months in prison.
According to evidence presented at trial, over the course of 10 years, the defendants were key participants in a scheme that knowingly sold targeted lists of consumers and their addresses to perpetrators of fraud schemes involving the sending of false and deceptive mail to consumers, particularly elderly and vulnerable people. The defendants committed the crimes while working at data broker Epsilon Data Management LLC (Epsilon), which used transactional data collected from marketing clients to predict new “responsive buyers” using computer algorithms and a database of 100 million U.S. households. Evidence at trial showed that the defendants used Epsilon’s algorithms to predict and sell lists of consumers most likely to respond to the fraud schemes’ mailings. The defendants’ business unit worked with dozens of clients that sent scam letters promising large prizes or falsely personalized astrological mailings promising wealth.
Evidence at trial showed that the defendants’ crimes helped facilitate harmful fraud on the victims whose data they sold. For example, the defendants sold nearly 100 lists of names and addresses to a particular fraudster client who used the data to defraud more than 218,000 victims of more than $23.7 million. Epsilon’s data showed that many victims were repeatedly defrauded by this single scheme, including more than 12,000 victims who were defrauded more than 20 times each. At trial, elderly victims and their adult children testified about the scam letters victims received falsely promising cash prizes.
“Today’s sentences should make clear that those who illegally use Americans’ personal information to facilitate fraud will face serious consequences.” said Principal Deputy Assistant Attorney General Brian M. Boynton, head of the Justice Department’s Civil Division. “The Justice Department will investigate and prosecute individuals who use their access to our personal data to target vulnerable Americans for their own gain.”
“Far too often, we prosecute cases where criminals prey on the elderly and vulnerable,” said Acting U.S. Attorney Matt Kirsch for the District of Colorado. “This sentence demonstrates that those who exploit the most vulnerable in our society for financial gain will be prosecuted and held accountable for their despicable actions.”
“The results of this collaborative investigation with the US Postal Inspection Service and its partners, has resulted in the arrests and convictions of two individuals who knowingly helped criminals target and scam vulnerable members of our community out of millions,” said Inspector in Charge Eric Shen of U.S. Postal Inspection Service (USPIS)’s Criminal Investigations Group. “This investigation demonstrates the continued commitment of the US Postal Inspections Service, to protect our most vulnerable communities. Our dedicated fraud teams allow us to expose and target criminals who try to hide behind these complex schemes. We will continue to collaborate with our law enforcement partners to ensure these individuals face justice.”
USPIS’ Transnational Elder Fraud Strike Force investigated this matter.
Senior Trial Attorney Alistair Reader and Assistant Director Rachael Doud of the Civil Division’s Consumer Protection Branch and Assistant U.S. Attorney Rebecca Weber for the District of Colorado prosecuted the case. Senior Trial Attorney Ehren Reynolds and former Assistant U.S. Attorney Hetal Doshi for the District of Colorado also assisted in the case.
The defendants’ former employer, Epsilon resolved its criminal liability via a deferred prosecution agreement in 2021, paying $150 million in penalties and victim compensation. That victim compensation effort has returned $122 million to more than 200,000 victims of fraud schemes to which Epsilon provided data.
If you or someone you know is age 60 or older and has experienced financial fraud, experienced professionals are standing by at the National Elder Fraud Hotline at 1-833-FRAUD-11 (1-833-372-8311). This Justice Department hotline, managed by the Office for Victims of Crime, can provide personalized support to callers by assessing the needs of the victim and identifying relevant next steps. Case managers will identify appropriate reporting agencies, provide information to callers to assist them in reporting, connect callers directly with appropriate agencies and provide resources and referrals, on a case-by-case basis. Reporting is the first step. Reporting can help authorities identify those who commit fraud and reporting certain financial losses due to fraud as soon as possible can increase the likelihood of recovering losses. The hotline is open Monday through Friday from 10:00 a.m. to 6:00 p.m. ET. English, Spanish and other languages are available.
More information about the department’s efforts to help American seniors is available at its Elder Justice Initiative webpage. For more information about the Consumer Protection Branch and its enforcement efforts, visit www.justice.gov/civil/consumer-protection-branch. Elder fraud complaints can be filed with the Federal Trade Commission at www.reportfraud.ftc.gov/ or at 877-FTC-HELP. The Justice Department provides a variety of resources relating to elder fraud victimization through its Office for Victims of Crime, which can be reached at www.ovc.gov.
Updated September 30, 2024
Source: U.S. Department of Justice