A group of international fraudsters appears to have mounted an immense, sophisticated attack on U.S. unemployment systems, creating a network that has already siphoned millions of dollars in payments that were intended to avert an economic collapse, according to federal authorities.
The attackers have used detailed information about U.S. citizens, such as social security numbers that may have been obtained from cyber hacks of years past, to file claims on behalf of people who have not been laid off, officials said. The attack has exploited state unemployment systems at a time when they are straining to process a crush of claims from an employment crisis unmatched since the Great Depression.
With many states rushing to pay claims, payments have gone straight to direct-deposit accounts. In Washington State, the agency tasked with managing unemployment claims there began realizing the extent of the problem in recent days when still-employed people called to question why they had received confirmation paperwork in the mail.
“This is a gut punch,” said Suzi LeVine, the commissioner of Washington State’s Employment Security Department.
In a memo obtained by The New York Times, investigators from the U.S. Secret Service said they had information suggesting that the scheme was coming from a well-organized Nigerian fraud ring and could result in “potential losses in the hundreds of millions of dollars.” Roy Dotson, a special agent who specializes in financial fraud at the Secret Service, said in an interview investigators were still working to pinpoint who was involved and exactly where they were.
”We are actively running down every lead we are getting,” Mr. Dotson said.
Mr. Dotson said it appeared the fraud was being aided by a substantial number of “mules” — people, often in the United States, who are used as intermediaries for money laundering after making connections with fraudsters online. He warned people to be wary of quick-money job offers or other suspicious financial arrangements.
The Secret Service memo said Washington State had emerged as the primary target thus far, but there was also evidence of attacks in Florida, Massachusetts, North Carolina, Oklahoma, Rhode Island and Wyoming. The agency warned that every state was vulnerable and could be targeted, noting that the attackers appeared to have extensive records of personally identifiable information, or P.I.I.
“It is assumed the fraud ring behind this possess a substantial P.I.I. database to submit the volume of applications observed thus far,” the memo said.
State unemployment systems were never designed to handle 35 million applications in two months. This was done in all 50 states by choice, this was done in states like Florida to make the system so antiquated on purpose that it actively discouraged people from applying at all.
Of course there was going to be fraud, and this is going to be one of the big reasons Republicans will use to say that we can't have any more money to help the unemployed.