In December 2013, an executive from big-three credit reporting bureau Experian told Congress that the company was not aware of any consumers who had been harmed by an incident in which a business unit of Experian sold consumer records directly to an online identity theft service for nearly 10 months. This blog post examines the harm allegedly caused to consumers by just one of the 1,300 customers of that ID theft service — an Ohio man the government claims used the data to file fraudulent tax returns on dozens of Americans last year.
In February, I was contacted via Facebook by 28-year-old Lance Ealy from Dayton, Ohio. Mr. Ealy said he needed to speak with me about the article I wrote in October 2013 — Experian Sold Consumer Data to ID Theft Service. Ealy told me he’d been arrested by the U.S. Secret Service on Nov. 25, 2013 for allegedly using his email account to purchase Social Security numbers and other personal information from an online identity theft service run by guy named Hieu Minh Ngo.
“I really need to speak with u about this case because the US attorney assigned to this case and the Secret Service agent are trying to cover up Experian involvement in this case,” Ealy said, without elaborating on his theory about the alleged cover-up.
Ngo is a Vietnamese national who for several years ran an online identity theft service called Superget.info. Shortly after my 2011 initial story about his service, Ngo tauntingly renamed his site to findget.me. The Secret Service took him up on that challenge, and succeeded in luring him out of Vietnam into Guam, where he was arrested and brought to New Hampshire for trial. He pleaded guilty earlier this year to running the ID theft service, and the government has been working on rounding up his customers ever since.
Mr. Ealy appears to be one of several individuals currently battling charges of identity theft after allegedly buying data from Ngo’s service, which relied in part on data obtained through a company owned by Experian.
According to the complaint (PDF) against Ealy, government investigators obtained a search warrant for Ngo’s email account in March 2013. Going through that email, investigators found that a customer of Ngo’s who used the address email@example.com had already purchased from Ngo some 363 “fullz” — a term used in the underground to describe a package of everything one would need to steal someone’s identity, including their Social Security number, mother’s maiden name, birth date, address, phone number, email address, bank account information and passwords.
The Justice Department alleges that between Jan. 28, 2013 and Oct. 17, 2013, Ealy filed at least 150 fraudulent tax returns on Americans, instructing the IRS to send the refund money to prepaid credit card accounts he controlled. The government claims that about 50 of those bogus claims were made with Social Security numbers and other data obtained from Ngo’s ID theft service.
For his part, Mr. Ealy says he’s not guilty of the crimes the government is trying to pin on him, and that prosecutors have yet to turn over any evidence as required.
“They still failed to turn over any evidence or discovery,” Ealy said in a Facebook conversation. “When I get my discovery packet I will like you to publish a story about me in connection with the Vietnam individual and can you also see who else has a case in connection with Ngo. Also they keep trying to pressure me to cooperate with them but I don’t want to until they turn over all evidence in this case.”
Initially, Ealy was facing a single-count indictment (PDF) in connection with the investigation. But when Ealy declined to agree to a plea agreement with prosecutors, the government appears to have thrown the book at him — lodging a superseding, 42-count indictment (PDF). Ealy said he recently filed a motion to fire his attorney and is currently representing himself, although he says he is looking for another lawyer.
According to local Ohio news site whio.com, Ealy is the son of a candidate running for Ohio governor. WHIO says Lance Ealy’s father — Larry Ealy — is embroiled in an ongoing investigation of allegations that he and three others who passed nominating petitions for him turned in fraudulent signatures to local board of elections.
In addition to the tax fraud charges, the younger Ealy also is accused of opening bank accounts to electronically deposit the fraudulent tax returns. If convicted, he faces up to 20 years in prison and fines of up to $250,000.