• Identity thieves target hospital patients to steal tax refunds, investigators say

    View more videos at: http://nbcmiami.com.

    By Myriam Masihy, NBCMiami.com

    Pictures taken in February and March of 2012 show Alci Bonannee and Chante Mozley, two convicted identity thieves, withdrawing cash from several banks in Broward County.


    The federal government says the money came from stolen tax refunds that belonged to people like Miami resident Joseph Szot.

    “When I filed a return, the accountant told me you can’t file because somebody filed already,” Szot said.

    More stories from NBCMiami.com

    And just how did Bonannee and Mozley get Szot's tax refund? Federal authorities said it happened while he was a patient at South Miami Hospital.

    The pair is accused of paying respiratory therapist Betty Cole for patients’ personal information including their Social Security number. Internal Revenue Service Special Agent in Charge of the Miami office, Tony Gonzalez said: “The bad guys that are able to get these Social Security numbers are buying them from employees that work at these hospitals and these medical centers which are sold up to $150 each.”

    The breach at South Miami Hospital happened between June of 2011 and February 2012 and affected 834 patients.

    In a statement, Baptist Health, which operates South Miami Hospital, said "the employee was terminated, and efforts are underway to prosecute this individual to the fullest extent possible."

    NBC 6 reached out to that employee, Betty Cole, but she didn't want to talk to the Team 6 Investigators.

    The south Miami case is the latest hospital ID theft to surface in South Florida. Since 2009, the Department of Health and Human Services has received reports that hundreds of thousands of patients have been affected by breaches at hospitals across South Florida. The hospitals with the largest breaches include Memorial Healthcare System with 111,650 patients affected, the University of Miami Health System with 66,065 people, Mount Sinai Medical Center with 2,600 patients and Jackson Health System with 2,062 patients.

    Although many hospitals have had more breaches, a federal act called HITECH only requires that medical centers report breaches that affect more than 500 patients. Gonzalez said investigators have seen a case where a “gentleman who provided a service of taking elders home after being seen at a hospital, would cut their little tabs off their wristbands and with the patient number, walk into the hospital, look at the computer and get a Social Security number without ever being an employee of that hospital.”

    In April of last year, Memorial Healthcare System in Hollywood notified about 9,500 patients that two employees were fired because they may have inappropriately accessed their personal information with the intent to process fraudulent tax returns. In a statement, Memorial said it “continues to enhance its security controls and monitoring systems, limit user access in all physicians’ offices, and has reinforced the importance of the privacy and confidentiality of patients’ information with its staff and affiliated physicians’ employees.”

    Last year, Jackson North had a breach that affected over 500 patients. Ed O’Dell, the spokesperson for Jackson Health system, says in that case it “was a volunteer in a patient care area and he was apparently taking pictures of patient information.”

    Since then, Jackson has implemented new rules for volunteers prohibiting them from using smartphones in patient areas. Linda Quick, president of the South Florida Hospital and Healthcare Association, a trade association, said the industry is not immune to breaches. She told NBC 6: “Proportionate to the number of people who are seen in our member institutions it’s not pervasive in any way.”

    Szot doesn't blame South Miami hospital. He said he believes companies in general should find a way to reduce the risk of security breaches.

    “I think corporations use Social Security numbers too much for identifying you, putting the information out to too many people,” he said.

    The IRS said hospitals have been cooperating with them to combat identity theft, a growing crime.

    So how can you avoid becoming a victim at a hospital?

    Quick said: “you do not have to provide your Social Security number, but you do have to provide enough information for you to be distinguishable from other people.”

    A hospital may still require your Social Security number to verify coverage if your insurance provider only identifies you that way, but experts say you should ask questions before handing your number over.

    Postal Inspector Blanca Alvarez said, “you don’t always have to give it, if they ask for it, make sure that there’s a valid reason to receive it but it doesn’t often have to be given.”

    The IRS says identity theft affects many industries, not just hospitals. According to HHS reports, health insurance companies have had breaches affecting millions of Floridians.

    Read more from Open Channel

     

  • Student accused of trying to rig college election with 'keystroke-logging'

    By Paul Krueger and Sarah Grieco
    NBCSanDiego.com

    A former student candidate at California State University San Marcos has been arrested after being accused of attempting to manipulate votes, according to officials.


    Matthew Weaver, who ran for president of the Associated Students last year, is suspected of casting hundreds of fake votes.

    Weaver used "keystroke-logging" technology to steal user-names and passwords from other students, according to a criminal complaint.

    The FBI led a yearlong investigation of Weaver on suspicion of wire fraud and access device fraud.

    Last year, Weaver had four friends run for vice president positions, according to the complaint. He then allegedly cast hundreds of online votes for himself and his friends. But just hours before the voting ended, college employees found evidence of the alleged fraud.

    If the plan had succeeded, Weaver and his friends would have received a total stipend of $36,000 for their work in the student government.

    A spokesperson for the FBI said this case sends a strong message about computer hacking.

    “They may think that that's not a big thing. It won't get them in trouble,” said the FBI’s Darrell Foxworth. “And I'm here to tell you that it can get you in trouble. It can create big problems for you.”

    Weaver was also charged with unauthorized access of a computer. He appeared Friday in federal court, where a federal judge set his bond at $20,000, and ordered him to return to court later this month.

    NBC 7 San Diego could not reach Weaver for comment and a CSUSM spokesperson declined to speak about the situation because the FBI’s investigation is ongoing.

  • IRS strikes tough balance as 'nice bad guy'

    By Allison Linn, NBC News

    You’ve filed your tax return. Now comes the happy anticipation of wondering how quickly your refund will show up – and grousing when it isn’t in your bank account quickly.

    The IRS has for years faced intense pressure to make the painful process of paying taxes more palatable by at least providing a zippy tax refund. But such service may be coming at a price as the Internal Revenue Service faces a surge of identity theft tax fraud, as well as the usual tax cheats.

    Some victims complain that much of the fraud could have been avoided if the Internal Revenue Service had more carefully screened the fake return in the first place.

    “From a publicity point of view you’re trying to be the nice bad guy,” said Roberton Williams, senior fellow with the Tax Policy Center.

    That is a tough balance, he pointed out.

    "(They are) supposed to process returns very quickly and worry about the fraud aspect, and at the same time Congress is saying, 'Do it with less money,'" Williams said.

    The IRS has struggled with its image for decades, wrangling with a dual role of helping taxpayers file their returns and enforcing against tax cheats.

    The agency, once known as the Bureau of Internal Revenue, changed its name to the Internal Revenue Service in 1953 in an early effort to appear more customer-centric, said Joseph Thorndike, director of the Tax History Project for Tax Analysts.

    But hatred is not too strong a word to express how some people feel about the agency. In 2010 a tax protester crashed his plane into an IRS office in Austin, Texas, killing himself and an agency employee. At the time a Treasury official said there were more than 1,000 threats a year against IRS employees, a figure that had been climbing.

    The IRS also struggles with funding. Last year President Barack Obama sought to boost the agency's $12.1 billion budget by more than $1 billion, so it could hire more workers. Instead Republicans led a successful effort to trim the budget to $11.8 billion

    Pressure to speed the refunds can be be intense in a soft economy, when individuals – and the economy in general – could use that money.

    The IRS processed about 145 million returns last year, and three-fourths of those taxpayers got refunds. The average refund was about $3,000.

     

    But the IRS has stepped up screening efforts to try to stop fraud. Spokesman Terry Lemons said IRS officials have identified about 2 million individual returns for review so far this tax season, out of about 84 million that have been received. That’s about the same number of returns that it reviewed in all of last year.

    When the IRS does flag a return for such a fraud screen, Lemons said the delay in sending out a refund will vary widely depending on what agents find.

    The IRS also has gradually increased the number of returns that get audited over the past decade or so, following a drop-off in 1998, when the IRS went through a major overhaul to focus more on customer service. It currently audits about 1 percent of all returns, Lemons said.

    He concedes it’s tricky.

    “On the one hand you have millions and millions of taxpayers who have worked hard and are entitled to refunds, and they should be able to get that as quickly as possible,” Lemons said. On the other hand, he said, the IRS has an obligation to taxpayers to make sure returns are checked thoroughly for potential fraud.

    In testimony to a Congressional subcommittee last month, Nina Olson, the taxpayer advocate, said that although taxpayers who are victims of fraud need to be protected, so do the majority of legitimate taxpayers who rely on their refund checks.

    “With the introduction of e-filing, combined with the increasing number of refundable credits run through the tax code, our tax system has shifted, for better or worse, to one of instant gratification,” Olson said in the written testimony.

    Still, she noted, “The benefit of enjoying such a tax system is somewhat offset by the increased ability of perpetrators to defraud the government.”

    Over the years, he said, the IRS has seemed to sway back and forth depending on the political mood and other factors, said Thorndike, the tax historian. Now is one of those times when Thorndike thinks sympathies are more with helping the taxpayer.

    “This is the age of the Tea Party, at least sort of, still, and that makes people even more unsympathetic to the federal tax collector,” Thorndike said. “So it’s not a great time for the IRS to be doing anything other than emphasizing customer service.”

    Is the IRS striking the right balance? Tell us on our Facebook page.