A help desk worker from a tiny Long Island software firm has pleaded guilty to enabling one of the largest identity theft schemes in U.S. history. Phillip A. Cummings, 35, admitted he helped steal credit reports on some 33,000 consumers around the country, starting a scheme that netted thieves between $50 and $100 million, authorities say.
At his plea hearing, Cummings said he did not realize that his accomplices would do so much damage with the information he sold.
"I didn't know the magnification," he told U.S. District Judge George B. Daniels, who set sentencing for Jan. 11. However, he acknowledged that he knew his actions were wrong and illegal.
An English immigrant, Cummings began his job at tiny Teledata Communications, Inc. in Bayshore, New York, on Long Island in 1999. Teledata makes “credit prompter boxes,” easy-to-use credit check terminals found at more than 25,000 companies around the country. The terminals make it simple for a car dealership, cell phone shop or apartment rental office to perform routine credit checks.
Cummings wasn't at the job long -- he left in March 2000, after spending just a few months at the firm. But court documents say he left with a spreadsheet of user names and passwords to access credit reports at all three credit bureaus. The data allowed Cummings and his accomplices to impersonate firms that had rightful access to credit reports. Then they could steal credit reports at will.
The incident shined a light on troubling security practices in the nation's credit reporting system.
The scheme that Cummings enable spanned all three credit bureaus, and at least 33,000 victims, according to his indictment. It began in the spring of 2001, when someone posing as a representative of Ford Motor Credit began ordering credit reports on consumers. Before the year was out, about 13,000 credit reports were stolen by the Ford imposter. Before authorities stopped the crime ring, dozens of other companies were impersonated.
It was a highly organized effort, authorities said. Accomplice Linus Baptiste of New Rochelle, N.Y., who pleaded guilty last year to fraud and conspiracy and fraud charges, would get from "street criminals" a wish list of names and social security numbers of people whose credit histories they would like to have. Baptiste and Cummings would then arrange for access to the credit reports using the password Cummings had; they then sold the reports for $60 each, and split the proceeds.
Video: ID thief pleads guilty According to U.S. attorney James Comey, the identities were turned into cash any number of ways. Bank accounts of victims were depleted, addresses were changed on accounts, new checks were ordered, new ATM cards were ordered, new credit cards were ordered, and new lines of credits were opened and quickly drained. One elderly woman only had $1,000 in her bank account but discovered criminals had withdrawn $35,000 from it. Ultimately, $50 million to $100 million was stolen, the government says.
Two others have been arrested in connection with the case: Hakeem Muhammad, of the Bronx, who pleaded guilty to committing fraud against the victims; and Emanuel S. Ezediaro, who was arrested last year for allegedly paying thousands of dollars to Cummings and Baptiste for credit reports.
Under a plea agreement, Cummings may be sentenced to at least 14 years in prison for conspiracy, fraud and wire fraud.
The deal allows him to ask for a prison term of less than 10 years based on health problems, including heart trouble. But the government can oppose any such request.
As part of the plea deal, Cummings agreed to forfeit any property he obtained as a result of the crimes.
The Associated Press contributed to this report.
Bob Sullivan is author of the new book, Your Evil Twin: Behind the Identity Theft Epidemic.
© 2013 msnbc.com Reprints