Russian Hacker Stole Identities of Congressional Medal of Honor Recipients in Sordid Scheme
01 Mar 2021

A Russian hacker stole the identities of 22 of 75 living U.S. Congressional Medal of Honor recipients, using their pilfered personal data to buy tens of thousands of dollars worth of Apple products and luxury watches from American military exchanges, according to a Secret Service search warrant application obtained by The Daily Beast.

The hot merchandise was then shipped to at least 20 different addresses in the United States, using unwitting dupes—hired through seemingly benign online ads—who then forwarded the packages to a Moscow suburb that is home to a training academy for a Russian spy agency. In all, the scammer netted nearly $55,000 in stolen goods, in roughly 50 separate transactions, said investigators. The individual honorees whose personal information was used are not named in the filing, which was unsealed in December 2020.

The Congressional Medal of Honor is the nation’s highest military award for acts of valor, and was first awarded in 1863. The existence of the identity theft investigation had not been previously revealed.

U.S. military veterans report being victims of identity theft 76 percent more often than members of the civilian population, according to the Federal Trade Commission (FTC). Last year, the FTC received 56,451 reports of identity theft from members of the military, with a median loss to fraud of $600, roughly double the $311 lost to scammers by civilians. The investigation into the Congressional Medal of Honor identity thefts began just a few months before the April 2014 hack of the U.S. Office of Personnel Management (OPM) exposed the personal information, including Social Security numbers, of millions of troops and vets going back nearly 15 years. Authorities were unaware of the (OPM) breach until March 2015, giving the hackers about a year to operate undetected.

The Secret Service—which investigates financial crime in addition to its more well-known protective duties—first learned of the Congressional Medal of Honor ID scam in February 2014. The stolen personal data had been used to establish fraudulent lines of credit through the Army and Air Force Exchange Service (AAFES), a network of retail stores on military bases operated by the Department of Defense. Those accounts were then used to purchase pricey goods from AAFES in the honorees’ names, being shipped to roughly 20 different addresses around the United States. From there, the packages were forwarded on to Balashikha, a city about 15 miles east of Moscow. The training academy for Russia’s Federal Security Service, the successor to the KGB, is located there.

By Justin Rohrlich, The Daily Beast, 28 February 2021

Read more at The Daily Beast

RiskScreen: Tackling Financial Crime with Smart Technology

You can claim CPD minutes for this content, by signing up to our CPD Wallet