Janitor Plays Key Role in ID Theft Ring

Stole credit information from Chicago hospital
Janitor Plays Key Role in ID Theft Ring
An identity theft ring relied on a janitor to steal personal information from patient files at a Chicago hospital, authorities say.

As many as 250 patients were possible victims of identity theft at Northwestern Memorial Hospital in the year-long identity scam.

Using the stolen information, the thieves obtained access to credit and charged more than $300,000 in more than 500 transactions to purchase jewelry, furniture, household goods, appliances and electronics. They then sold the items to friends and relatives for a cash profit, says Cook County Sheriff Tom Dart.

After a five-month investigation by officials from nine agencies, authorities made seven arrests March 25 and placed warrants for three others, Dart adds. The ring was headed by three sisters and a male friend.

How the scam worked

A janitor serving as a temporary employee for a cleaning service worked unsupervised after-hours at Northwestern Medical Faculty Foundation at the Galter Pavilion on the hospital's downtown campus, Dart explained in a statement.

While cleaning near patient files, the janitor stole personal information and immediately handed it off to others. "Her conspirators would then go online and either apply for credit cards or request that person's credit report be mailed," the sheriff said.

"Those involved in the operation would then either contact the retailer and pose as the card holder and request to be added to the account, or they would use the personal information to open accounts either online or in the store. Once granted access to the credit line, they would immediately run up bills."

Dart expressed dismay that none of the affected retailers caught on to the scam. "One would hope that when a person immediately opens credit at a store, if they then immediately purchase four plasma TVs, someone might be concerned," he said. "No one was."

Dart said store clerks "felt pressure from those in the ring and from their own supervisors to approve credit on the spot without question. It's horribly frightening to hear how easy it is for these criminals to add their own names to victim's accounts."

Hospital reaction

For its part, Northwestern Memorial Hospital offered only a carefully worded statement that said, in part: "We take patient privacy and the guarding of patient identifying information very seriously and are working closely with the sheriff's department to identify possible victims."

The hospital established a hotline to field questions and urged victims to contact authorities.

About the Author

Howard Anderson

Howard Anderson

Former News Editor, ISMG

Anderson was news editor of Information Security Media Group and founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.