Indictment returned in UPMC identity theft, tax fraud operation
Yoandy Perez Llanes is charged with conspiracy to defraud the United States, wire fraud, money laundering and aggravated identity theft.
A federal grand jury in Pittsburgh returned a 21-count indictment on Wednesday, charging a foreign national residing outside the United States with using information acquired in a 2014 data breach to defraud the Internal Revenue Service (IRS) and the U.S. Treasury.
Yoandy Perez Llanes is charged with conspiracy to defraud the United States, wire fraud, money laundering and aggravated identity theft for allegedly filing false federal income tax returns with information stolen in the 2014 University of Pittsburgh Medical Center (UPMC) breach, a Friday Justice Department release said.
Between January and April 2014, Llanes, along with unnamed conspirators, allegedly filed 932 false tax returns with Turbo Tax using proxy IP addresses and anonymous and encrypted email services that disguised their true identities, the indictment said.
Llanes and the conspirators are said to have requested unlawful tax refunds in the form of Amazon.com gift card redemption codes, which were used to make purchases that were sent to reshippers in Florida who later sent the goods to Venezuela.
The merchandise – hundreds of thousands of dollars worth of electronics equipment such as laptop computers, video game consoles and mobile devices – was sent to various drop locations and was later sold at online auction websites.
“The total amount of refunds claimed for all of the false returns totaled approximately $2,205,925.00,” the indictment said. “Approximately $1,475,593.00 of the total amount claimed was paid by the U.S. Treasury in the form of unlawful tax refunds.”
UPMC suffered a data breach in February that was initially thought to have affected roughly 300 people. A UPMC spokesperson later announced that at least 788 employees were victims of tax fraud as a result of the attack, and as many as 27,000 hospital workers could have personal information at risk. According to the release, attackers compromised a UPMC database and stole information – including names, dates of birth, and Social Security numbers – on thousands of UPMC employees.