Three women from Houston, Texas, have been indicted for allegedly stealing personal information from passports and using it for identity theft.
One of them, Chloe McClendon, 26, was a contract employee who worked in the Department of State’s Passport Agency.
The alleged data leakage went on for years: the indictment says it started in about 2010 and wound up just a few months ago, on or around 3 March.
The indictment mentions only four victims, citing their initials only.
But one imagines that many more people might have been affected over the course of some five years of data pilfering. If that’s the case, we might hear of a wider impact in the future as the government conducts forensics.
Last month, The Washington Post reported that the US Passport Agency had banned contractors from bringing mobile phones to work and was planning to extend the rule to government employees as well.
We could assume that the new rule was brought in as a reaction to this case – the newspaper reports that rumor has it that the move was spurred by “a contractor in Houston [who] was taking pictures of private information on passports”.
The Passport Agency didn’t confirm that rumor, but the State Department did confirm the new policy.
The paper quoted an official:
The Department has a serious and important obligation to protect the personally identifiable information (PII) of US citizens applying for passports. Prohibiting cellphones throughout our Passport Agencies, where employees review and process passport applications, is an effort to further protect passport applicant's PII.
Rob Arnold, president of the National Federation of Federal Employees (NFFE) Local 1998 that represents Passport Agency workers nationwide, told the Washington Post that barring employees from carrying mobile phones and laptops is “a ridiculous overreach.”
The new rule is hurting morale, he said, as workers feel that they’re not trusted.
Prosecutors said in court documents that since 2010, the defendants in this case used the stolen names, addresses and taxpayer IDs from people’s passports to create fake identity documents and then recruited other people to use those identities to get credit and to buy iPhones, iPads, and other electronic goodies.
The indictment was returned last week against McClendon, Domonique Thomas, 25, and Alicia Myles, 31, all of Houston.
The court filing charges each of the three defendants with one count of conspiracy to commit wire fraud, four counts of wire fraud and four counts of aggravated identify theft.
US Attorney Kenneth Magidson, along with Wayne May, special agent in charge of the Houston field office of the US Department of State’s Diplomatic Security Service (DSS) announced on 7 May that Thomas had been taken into custody, while McClendon surrendered to federal authorities.
As of last Thursday, there was still an outstanding warrant for Myles.Follow @NakedSecurity