DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Maryland Man Pleads Guilty to Conspiracy to Commit Wire Fraud

Posted on April 16, 2025 by Dissent

Minh Phoung Ngoc Vong Participated in a Multi-Year Fraudulent Scheme to Obtain Remote Information Technology Work With U.S. Companies and Government Agencies for Persons Based in China

Minh Phuong Ngoc Vong, 40, of Bowie, Maryland, pleaded guilty today to conspiracy to commit wire fraud in connection with a scheme whereby he conspired with unknown individuals, including John Doe, also known as William James, a foreign national living in Shenyang, China, to defraud U.S. companies into hiring Vong as a remote software developer. After securing these jobs through materially false statements about his education, training, and experience, Vong allowed Doe and others to use his computer access credentials to perform the remote software development work and receive payment for that work.

According to the plea agreement, on Jan. 30, 2023, Doe submitted a fraudulent resume in Vong’s name to a Virginia-based technology company for the position of web application developer, which required U.S. citizenship as a condition of employment. The resume falsely represented that Vong had a Bachelor of Science degree and 16 years of experience as a software developer. In fact, Vong had no college degree or experience in software development.

On March 28, 2023, Vong participated in an online job interview with the CEO of the Virginia-based company and verified his identity and citizenship by showing his Maryland driver’s license and U.S. passport. Following the interview, the Virginia-based company hired Vong and assigned him to work on a contract for the Federal Aviation Administration (FAA) involving a particular software application used by various U.S. government agencies to manage sensitive information regarding national defense matters. The Virginia-based company provided Vong with a laptop to use in connection with his employment, and the FAA authorized Vong to receive a Personal Identity Verification (PIV) card to access government facilities and systems. Vong installed remote access software on the laptop to facilitate Doe’s access to it and conceal his location in China.

Between March 2023 and July 2023, Doe used Vong’s credentials to perform the software development work from his location in China. The Virginia-based company paid Vong more than $28,000 in wages for work performed by Doe, portions of which Vong then sent overseas to Doe and other conspirators.

As part of his guilty plea, Vong admitted that the Virginia-based company was not the only company he and his co-conspirators defrauded. Between 2021 and 2024, Vong used fraudulent misrepresentations to obtain employment with at least 13 different U.S. companies, who collectively paid Vong a total of more than $970,000 in salary for software development services that were, unbeknownst to them, performed by Doe and/or other overseas conspirators. Several of these defrauded companies contracted out Vong’s services to U.S. government agencies in addition to the FAA. As a result of Vong’s fraudulent misrepresentations, these government agencies unknowingly granted Vong’s co-conspirators access to sensitive U.S. government systems, which they accessed from China.

Vong faces a maximum sentence of 20 years in prison. U.S. District Judge Deborah Boardman for the District of Maryland scheduled sentencing for Aug. 28. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

The FBI Baltimore Field Office is investigating the case.

Assistant U.S. Attorney Christina A. Hoffman for the District of Maryland is prosecuting the case with valuable assistance provided by Trial Attorney Alexandra Cooper-Ponte of the National Security Division’s National Security Cyber Section.

Under the Department-wide DPRK RevGen: Domestic Enabler Initiative,  launched in March 2024 by the National Security Division and the FBI’s Cyber and Counterintelligence Divisions, Department prosecutors and agents are prioritizing the identification and shuttering of U.S.-based “laptop farms” – locations hosting laptops provided by victim U.S. companies to individuals they believed were legitimate U.S.-based freelance IT workers – and the investigation and prosecution of individuals hosting them. Today’s announcement follows successful actions taken by the Department in October 2023, May 2024, August 2024, December 2024, and January 2025, which targeted similar and related conduct.

Source: U.S. Department of Justice, April 15, 2025

Category: Insider

Post navigation

← South Africa Introduces Mandatory e-Portal Reporting for Data Breaches
Nude photos and names: KU Health and Kansas hospital sued for data breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • CoinMarketCap Hacked, Scrambles to Remove Malicious Wallet Verification Popup
  • Montana Attorney General launches investigation into Lee Enterprises data breach
  • AT&T gets preliminary approval for $177 million data breach settlement
  • Aflac notifies SEC of breach suspected to be work of Scattered Spider
  • Former JBLM soldier pleads guilty to attempting to share military secrets with China
  • No, the 16 billion credentials leak is not a new data breach — a wake-up call about fake news (Updated)
  • Tonga’s health system hit by cyberattack (1)
  • Russia Expert Falls Prey to Elite Hackers Disguised as US Officials
  • Proposed class action settlement in In re Netgain Technology litigation
  • Qilin Offers “Call a lawyer” Button For Affiliates Attempting To Extort Ransoms From Victims Who Won’t Pay

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill
  • Officials defend Liberal bill that would force hospitals, banks, hotels to hand over data
  • US Judge Invalidates Biden Rule Protecting Privacy for Abortions
  • DOJ’s Data Security Program: Key Compliance Considerations for Impacted Entities
  • 23andMe fined £2.31 million for failing to protect UK users’ genetic data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.