The alleged hacker who breached the human resource databases of University of Pittsburgh Medical Center in 2014 was arrested this week in Detroit, the Department of Justice announced.
The man, Justin Sean Johnson, aka “TDS” and “DS,” 29, was indicted on charges of conspiracy, wire fraud and aggravated identity and is believed to have sold exfiltrated personally identifiable information (PII) and W-2 information on the dark web.
Johnson is accused of infiltrating the human resource server databases at UPMC in January 2014, as well as of stealing information he later sold on dark web forums. The sold UPMC employee PII was then used to file hundreds of false form 1040 tax returns in 2014.
According to the indictment, these false 1040 filings claimed hundreds of thousands of dollars of tax refunds. The cybercriminals who filed these forms converted the funds into Amazon gift cards, and used those to purchase merchandise that was shipped to Venezuela.
The indictment also alleges that, between 2014 and 2017, Johnson regularly sold other PII on underground forums.
“The scheme resulted in approximately $1.7 million in false tax return refunds,” the DoJ says.
For conspiracy to defraud the United States, he faces a maximum sentence of five years in prison and a $250,000 fine. Johnson also faces 20 years in prison and a fine of $250,000 for each count of wire fraud, and a mandatory 24 months in prison and a fine of $250,000 for each count of aggravated identity theft.
“Justin Johnson stands accused of stealing the names, Social Security numbers, addresses and salary information of every employee of Pennsylvania’s largest health care system,” said US Attorney Scott W. Brady. “After his hack, Johnson then sold UPMC employees’ PII to buyers around the world on dark web marketplaces, who in turn engaged in massive campaign of further scams and theft. His theft left over 65,000 victims vulnerable to years of potential financial fraud.”
Related: Two Indicted in $10 Million Tech Support Fraud Scheme
Related: Indictment: Hackers Charged With Making Threats to Schools
Related: Singaporean Indicted in U.S. for Illegal Crypto-Mining
More from Ionut Arghire
- Blackpoint Raises $190 Million to Help MSPs Combat Cyber Threats
- ‘Asylum Ambuscade’ Group Hit Thousands in Cybercrime, Espionage Campaigns
- Google Cloud Now Offering $1 Million Cryptomining Protection
- Pharmaceutical Giant Eisai Takes Systems Offline Following Ransomware Attack
- North Korean Hackers Blamed for $35 Million Atomic Wallet Crypto Theft
- Cisco Patches Critical Vulnerability in Enterprise Collaboration Solutions
- Android’s June 2023 Security Update Patches Exploited Arm GPU Vulnerability
- US, Israel Provide Guidance on Securing Remote Access Software
Latest News
- In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption
- Blackpoint Raises $190 Million to Help MSPs Combat Cyber Threats
- Google Introduces SAIF, a Framework for Secure AI Development and Use
- ‘Asylum Ambuscade’ Group Hit Thousands in Cybercrime, Espionage Campaigns
- Evidence Suggests Ransomware Group Knew About MOVEit Zero-Day Since 2021
- SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint
- Google Cloud Now Offering $1 Million Cryptomining Protection
- Democrats and Republicans Are Skeptical of US Spying Practices, an AP-NORC Poll Finds
