Security News > 2022 > January > US DoD staffer with top-secret clearance stole identities from work systems to apply for loans

A US Department of Defense staffer with top-secret clearance stole the identities of dozens of people from a work IT system to fraudulently apply for loans totaling nearly a quarter of a million dollars.

Lee, who worked for Uncle Sam's Defense Contract Management Agency as an analyst, raided the organization's Microsoft SharePoint system for people's private data to pull off his greedy scheme.

Over a two-year period, starting from September 2018, Lee harvested personal information - including social security numbers, birth dates, addresses, and government employment forms - on at least 37 people, according to prosecutors.

Lee used these details to create fake IDs, which were in turn used with fabricated pay stubs, bank statements, and tax documents to apply for loans.

According to prosecutors, Lee created a Gmail account to masquerade as one of its colleagues, and using data pulled from the DCMA 360 SharePoint site, in March 2020 applied for at least eight bank accounts and loans as his victim.

Security Update 2022-001 Catalina: Five vulnerabilities including one that can be exploited by bad apps to gain kernel-level access to the system.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/01/27/dod_sharepoint_apple_white_house/