Massive fraud scheme hits Oklahoma school district

By Michael Kinney

Kevin Hime, the newly hired superintendent of Lawton Public Schools, arrived in December and hasn’t really had time to get to know his new surroundings due to the COVID-19 shutdowns.

He spent the previous nine years as the superintendent of the Clinton School District. But it was still a shock to Hime when he got a call one day from the payroll manager in Clinton. What was even more surprising was the reason she was contacting him. Hime had been the victim of identity theft and it was being used for unemployment insurance fraud.

“They filed on Clinton schools, which was my previous district,” he said. “They actually used an address I had 30 years ago. It had my name a little wrong, but they did have that old address and my Social Security number.”

Hime was just one of more than 900 (and counting) Lawton Public School employees who had their identity stolen for the mass insurance fraud scheme. That included Dana Moore, the principal at Edison Elementary.

“I received a call from our district Human Resources department notifying me that my personal information was being used to apply for unemployment benefits.  She said that I would probably be receiving a letter from the Oklahoma Employment Security Commission next,” Moore said. “However, there were many who were not receiving the letters because the personal information being used might be for old addresses and even using maiden names.”

Hime, Moore and the rest of the LPS victims were ensnared in an international fraud case, according to LPS Chief Operating Officer Dr. Jason James. Yet that is just the tip of the iceberg of those impacted,

“What’s important for our employees to know is that it was a national credit bureau data breach, so I don’t want people to think that it was Lawton schools,” James said. “Lawton didn’t get hacked. A national credit bureau got hacked,” and Oklahoma is one of six states that have been targeted by fraudsters.

“It’s just a perfect storm of circumstances,” James said. “Teachers, principals and employees of school districts all over the state have discovered they have had their identities stolen.” According to reports, several thousand school employees have been affected.

“Almost all schools in Oklahoma are members of the Oklahoma State School Boards Association (OSSBA) and they’re telling us that there are six states in the nation that will pay the first week of unemployment claims on the spot, and then do the verification afterward,” James said. “And Oklahoma is one of those six states. And what’s happening is, they’re trying to get that first week’s unemployment check.”

Moore says she has more questions than answers at this point.

“Why are there so many people in our district? who have been victims of fraudulent unemployment claims?  Where did they get this information?  As I spoke with other LPS employees and we shared our stories in posts on social media, it seemed like many state employees had been the victims of this crime,” said Moore. “We were told by district HR that it was not a local breach. So, was it a state breach? “Something that also came into question was how teachers across the state were mailed recruiting information from Epic Charter Schools last year.  How did they get our information with home mailing addresses?  Several of us wondered if this information was gathered the same way that the info for filing unemployment was gathered. What worries me most is how easily someone has got hold of personal information for so many people.  I thought I did everything to protect my accounts and it still happened to me.  It is just scary to think what else they could do.”

According to James, the entire saga dates from more than three years ago with the Equifax data breach. The consumer credit reporting agency, which collects data such as birth year, credit card numbers and Social Security numbers, was hacked and individual credit information was stolen. The criminal act allegedly was masterminded by a well-organized Nigerian crime ring.

“I’m being told they believe it was an Equifax data breach in 2016 or 2017. The last information I got was, they thought it was a North African cyber-criminal syndicate that then packaged all that information and sold it,” James said. “And then the people who are using it are just taking advantage of the COVID plus the drop in energy prices. Plus knowing the fact that all the schools are out. So all they’re trying to do is get any small percentage of direct deposits they can, get to a bank account that they can grab hold of, that’s what they’re doing.”

After the breach, Equifax sent a letter to those who had their information hacked, informing them that Equifax would monitor their credit for the next three years. That three-year credit watch just happened to end at the same time as the coronavirus pandemic struck the country, which made it easier for the crime ring to go after the unemployment funds.

“That three years is up, and it’s just a sweet spot of crime of opportunity,” James said. “It doesn’t cost the school district anything, it doesn’t cost our employees. it’s just a drain on state resources; it’s a drain on taxpayers. Because you know, taxpayers are going to have to foot the bill, but not individually, and not the school district.”

James said none of the LPS employees will have to pay anything out-of-pocket. “Our employees aren’t going to be on the hook,” James said. “They don’t have to pay anything back. They don’t have to worry about any tax implications in the future. They don’t have to worry about anything on their credit. We’re just doing our due diligence and letting them know that there’s this fraudulent claim against them, and they need to pay attention to their credit. So phase two of whatever, that takes place, they just need to be paying attention to it.”

However, the anxiety that affects people when they find out what is going on doesn’t easily go away.

“How does this happen?  I have seen lots of stories about people applying for unemployment benefits who are having trouble getting approved yet someone can just use my info from who knows where to apply and get through the system quickly,” Moore said. “I was scared.  I don’t make a whole lot of money and I want to keep what I do make safe.”

Hime has similar concerns this situation could have an adverse effect long term.

“Initially I was like, ‘what am I going to have to do to fix this?’ Because you’re really concerned. Obviously you don’t want people having your personal information,” Hime said. “It really worries you. Online data, and we all use a certain amount of credit cards and such now. And just how do you fix it and make sure that it doesn’t cause you other problems? Luckily I had already purchased my house here, but you always hear these stories about how it messes up people’s credit and things like that.”

Lawton Public Schools were able to limit the damage done because they have a staff that works during the summer. James said many school districts were not so lucky. “Lawton, which has got a full-time staff during the summer, we do a really good job of notifying the Oklahoma Employment Security Commission there’s a fraudulent case and those people aren’t eligible, so that gets shut down,” James said. “But some of these small rural schools that might not have a complete staff during the summer, there’s no telling how many weeks go through before they get caught.”

Hime was given some tips by the OSSBA to make sure things like this don’t blow up on him in the future. “They just told me to watch my credit report, watch my credit cards and watch my bank accounts and different things,” he said.

“And you can always use one of the visual free services out there to monitor your credit for you. Just kind of observe and make sure nothing else pops up. Because like I said, if you get one or two, where somebody files on you a couple of times, you’ve got to start considering there’s a whole lot of things you got to go through and contact. It could get to be a tedious, long problem to get through with it.”

Story By Michael Kinney/Michael Kinney Media

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: