Authorities have charged a Nigerian national for his role in the hack of the Los Angeles County email system which resulted in the compromise of 756,000 people doing business with the county, according to The Guardian.
There’s a problem, though: The man, Kelvin Onaghinor, has neither been arrested nor are his whereabouts known. Officials can’t even say for certain whether he is in the U.S.
The 37-year-old accused man faces nine counts, including unauthorized computer access and identity theft, according to the Los Angeles County Chief Executive Office.
The hack occurred in May when more than a hundred county employees were duped by a phishing email into providing their usernames and passwords. Sensitive data of persons doing business with the county was also put at risk at the time. Though it’s been reported that no data has been released as of yet, letters were sent out last week notifying the 756,000 people potentially affected that their data was exposed and possibly compromised. Sensitive data put at risk included names, dates of birth, Social Security numbers, driver’s license or state identification numbers, payment card information, bank account information, home addresses, phone numbers, and/or medical information, such as Medi-Cal or insurance carrier identification numbers, diagnosis, treatment history or medical record numbers, Fox reported
County officials claimed that on learning of the breach, they immediately put in place strict security measures. The delay in notifying those affected was said to be owing to preserve the secrecy of the investigation and to “prevent further harm,” officials said.
Free identity monitoring services – including credit monitoring, identity consultation and identity restoration – are being offered by the county to those affected.
If convicted, Onaghinor faces 13 years in state prison.