Conspirators obtain identity information of 125,000 taxpayers and submit alleged false federal income tax returns seeking $6.6 million in refunds from IRS
MEDFORD, Ore. – Federal law enforcement agents arrested four individuals in conjunction with a series of search and arrest warrants executed in Maryland and Georgia based on an Oregon federal grand jury indictment unsealed today.
The individuals arrested were:
- Lateef Aina Animawun, 34, of Smyrna, Georgia;
- Oluwatobi Rueben Dehinbo, 30, of Marietta, Georgia;
- Oluwaseunara Temitope Osanyinbi, 34, of Marietta, Georgia; and
- Oluwamuyiwa Abolad Olawoye, 28, of Marietta, Georgia.
A warrant has been issued for the arrest of a fifth defendant, Emmanuel Oluwatosin Kazeem of Maryland. The remaining four defendants have made an initial appearance in Georgia, and will be arraigned in the District of Oregon at a date to be set by the Court.
The indictment alleges that, beginning at least as early as tax year 2012, the named defendants, along with others, engaged in an identity theft conspiracy, in Oregon and elsewhere, involving a scheme to obtain millions of dollars in fraudulent tax refunds from the IRS and the Oregon Department of Revenue. The allegations of the indictment detail how the conspirators spun a complex web of fraud involving the use of stolen personal identifying information (PII), falsified wage and withholding information, fraudulently generated electronic filing PINs, disposable email addresses to conceal the co-conspirators’ identities, and the receipt of fraudulent tax refunds through prepaid debit cards and third party bank accounts.
According to the indictment, the defendants and their co-conspirators allegedly obtained the names and other personal identifying information that belonged to United States taxpayers, without their knowledge or consent, by unauthorized means including the purchase of the stolen information. The stolen PII belonged to over 125,000 people and included stolen PII originating from a database owned by a pre-employment and volunteer background check company located in Oregon (the “Oregon Database”).
In total, defendants are alleged to have unlawfully obtained the identity information from a data breach of over 125,000 taxpayers and filed over 980 false federal tax returns seeking over $6.6 million in fraudulent refunds. Although the IRS rejected $4.6 million of the claimed refunds, the indictment alleges that the defendants successfully obtained $2 million in illegal refunds.
The indictment, which may be viewed here “kazeem_et_al_indictment.pdf“, charges each defendant with one count of conspiracy to commit mail and wire fraud; seven counts of mail fraud; six counts of wire fraud; and thirteen counts of aggravated identity theft. The fraud and conspiracy charges are each punishable by up to 30 years in federal prison and a fine of up to $1 million. If convicted of the aggravated identity theft charges, defendants face a mandatory minimum penalty of two years in federal prison for each count of conviction. An indictment is only an allegation of a crime. Defendants are presumed innocent until proven guilty beyond a reasonable doubt.
This case results from a joint investigation by IRS-Criminal Investigations Division, the U.S. Department of Health and Human Services, Office of Inspector General, and the Federal Bureau of Investigation, with support provided by U.S. Immigration and Customs Enforcement, United States Postal Inspection Service, the U.S. State Department, and the Oregon Department of Revenue Fraud Unit. This case is being prosecuted by District of Oregon Assistant U.S. Attorneys Byron Chatfield and Nancy Olson.
SOURCE: U.S.A.O., District of Oregon
Comment: Although I cannot be sure, this might be related to the breach reported to have affected the Archdioceses of Seattle and Portland, reported last year on this site. As of January 2015, the Archdiocese of Portland still had not determined how that breach occurred and they did not name the vendor providing background checks for them. The vendor cooperated with the forensics investigation, but did not give the Archdiocese of Portland full access to its computers, so they could not conclusively determine that there had been no breach of the vendor’s system. Similarly, in April 2015, the Archdiocese of Seattle reported that it, too, still didn’t know the source of the breach.
Update: Well, wait. Another media outlet links this breach to the CICS breach. What I don’t know is whether CICS is the firm that did the background checks for the Archdioceses. Anyone know?