(DMV photo of Kim from the OC Register)
Not sure what's wrong with this picture, but it was recently discovered that a suspected gang member (Tae Kim) got himself a job as an auditor at the Veteran's Administration, despite the fact he had a criminal record, and stole 185,000 social security numbers.
The stolen social security numbers were discovered when a search warrant was done at his house after he was implicated for using stolen (skimmed) credit card information at a jewelry store.
One of the credit cards used contained the skimmed information of Marlon Wayans, a well-known actor.
Erika M. Torres of the OC Register reports:
A man who purchased $5,600 in jewelry at a store in Tustin using three fraudulent credit cards, one belonging to actor Marlon Wayans, was arrested Thursday in Los Angeles after a months-long investigation, said Tustin police Lt. John Strain.
The investigation also uncovered from his home computer about 1.8 million Social Security numbers from the U.S. Department of Veteran Affairs, where Kim had been employed as an auditor. Veterans Affairs' officials have said only 185,000 numbers are at risk because many were repeated in the file.
Apparently Kim quit his job at the Veteran's Administration after finding out that they planned to do a criminal background check on him.
Pretty scary that a federal agency doesn't vet their employees before hiring them and then gives them access to personal and confidential information.
While data breaches are daily staples in the news, this story might suggest there are many smaller ones that no one knows about.
Given that Kim is suspected of being a member of the Koreatown gangsters and was caught using counterfeit credit cards, I wonder if he was intentionally planted at the VA for the purpose of stealing information?
In the information theft world, it wouldn't be the first time a criminal outfit planted someone in an organization with the intent of stealing information.
Bob Sullivan at MSNBC did an article in 2004 quoting studies that showed that a large amount of the information stolen was due to insider theft, here.
Another more recent story in the news is an employee at Certegy, who is now pleading guilty to stealing 2.5 million peoples information, here.
OC Register Story on Mr. Kim, here.
This isn't the first time the Veteran's Administration has been the subject of sloppy security:
In May of 2006, they lost a laptop with 26.5 million people's information from an employee's house. It was later found and the FBI stated they were pretty sure that none of the information had been used.
In August of 2006, it was reported that one of their vendors lost a laptop with 38,000 people's information on it.