DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Maryland Man Pleads Guilty to Conspiracy to Commit Wire Fraud

Posted on April 16, 2025 by Dissent

Minh Phoung Ngoc Vong Participated in a Multi-Year Fraudulent Scheme to Obtain Remote Information Technology Work With U.S. Companies and Government Agencies for Persons Based in China

Minh Phuong Ngoc Vong, 40, of Bowie, Maryland, pleaded guilty today to conspiracy to commit wire fraud in connection with a scheme whereby he conspired with unknown individuals, including John Doe, also known as William James, a foreign national living in Shenyang, China, to defraud U.S. companies into hiring Vong as a remote software developer. After securing these jobs through materially false statements about his education, training, and experience, Vong allowed Doe and others to use his computer access credentials to perform the remote software development work and receive payment for that work.

According to the plea agreement, on Jan. 30, 2023, Doe submitted a fraudulent resume in Vong’s name to a Virginia-based technology company for the position of web application developer, which required U.S. citizenship as a condition of employment. The resume falsely represented that Vong had a Bachelor of Science degree and 16 years of experience as a software developer. In fact, Vong had no college degree or experience in software development.

On March 28, 2023, Vong participated in an online job interview with the CEO of the Virginia-based company and verified his identity and citizenship by showing his Maryland driver’s license and U.S. passport. Following the interview, the Virginia-based company hired Vong and assigned him to work on a contract for the Federal Aviation Administration (FAA) involving a particular software application used by various U.S. government agencies to manage sensitive information regarding national defense matters. The Virginia-based company provided Vong with a laptop to use in connection with his employment, and the FAA authorized Vong to receive a Personal Identity Verification (PIV) card to access government facilities and systems. Vong installed remote access software on the laptop to facilitate Doe’s access to it and conceal his location in China.

Between March 2023 and July 2023, Doe used Vong’s credentials to perform the software development work from his location in China. The Virginia-based company paid Vong more than $28,000 in wages for work performed by Doe, portions of which Vong then sent overseas to Doe and other conspirators.

As part of his guilty plea, Vong admitted that the Virginia-based company was not the only company he and his co-conspirators defrauded. Between 2021 and 2024, Vong used fraudulent misrepresentations to obtain employment with at least 13 different U.S. companies, who collectively paid Vong a total of more than $970,000 in salary for software development services that were, unbeknownst to them, performed by Doe and/or other overseas conspirators. Several of these defrauded companies contracted out Vong’s services to U.S. government agencies in addition to the FAA. As a result of Vong’s fraudulent misrepresentations, these government agencies unknowingly granted Vong’s co-conspirators access to sensitive U.S. government systems, which they accessed from China.

Vong faces a maximum sentence of 20 years in prison. U.S. District Judge Deborah Boardman for the District of Maryland scheduled sentencing for Aug. 28. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

The FBI Baltimore Field Office is investigating the case.

Assistant U.S. Attorney Christina A. Hoffman for the District of Maryland is prosecuting the case with valuable assistance provided by Trial Attorney Alexandra Cooper-Ponte of the National Security Division’s National Security Cyber Section.

Under the Department-wide DPRK RevGen: Domestic Enabler Initiative,  launched in March 2024 by the National Security Division and the FBI’s Cyber and Counterintelligence Divisions, Department prosecutors and agents are prioritizing the identification and shuttering of U.S.-based “laptop farms” – locations hosting laptops provided by victim U.S. companies to individuals they believed were legitimate U.S.-based freelance IT workers – and the investigation and prosecution of individuals hosting them. Today’s announcement follows successful actions taken by the Department in October 2023, May 2024, August 2024, December 2024, and January 2025, which targeted similar and related conduct.

Source: U.S. Department of Justice, April 15, 2025

Category: Insider

Post navigation

← South Africa Introduces Mandatory e-Portal Reporting for Data Breaches
Nude photos and names: KU Health and Kansas hospital sued for data breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Nova Scotia Power hit by cyberattack, critical infrastructure targeted, no outages reported
  • Georgia hospital defeats data-tracking lawsuit
  • 60K BTC Wallets Tied to LockBit Ransomware Gang Leaked
  • UK: Legal Aid Agency hit by cyber security incident
  • Public notice for individuals affected by an information security breach in the Social Services, Health Care and Rescue Services Division of Helsinki
  • PowerSchool paid a hacker’s extortion demand, but now school district clients are being extorted anyway (3)
  • Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines
  • Call for Public Input: Essential Cybersecurity Protections for K-12 Schools (2025-26 SY)
  • Cyberattack puts healthcare on hold for hundreds in St. Louis metro
  • Europol: DDoS-for-hire empire brought down: Poland arrests 4 administrators, US seizes 9 domains

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Apple Siri Eavesdropping Payout Deadline Confirmed—How To Make A Claim
  • Privacy matters to Canadians – Privacy Commissioner of Canada marks Privacy Awareness Week with release of latest survey results
  • Missouri Clinic Must Give State AG Minor Trans Care Information
  • Georgia hospital defeats data-tracking lawsuit
  • No Postal Service Data Sharing to Deport Immigrants
  • DOGE aims to pool federal data, putting personal information at risk
  • Privacy concerns swirl around HHS plan to build Medicare, Medicaid database on autism

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.