HOUSTON – We’ve got a warning about personal information being sold to would-be thieves. KPRC 2 Investigates explains how criminals paid cash to get the personal information of dozens of people. Hear how an FBI investigation involving dozens of people focused on a cellphone worker in the Houston area.
Cellphone store employee charged in the huge scheme
When we hear about stolen identities and data breaches, we usually have no way to know where our personal information was leaked in the beginning. But FBI Agents working in Houston followed the trail and it led them to a cell phone store in Missouri City. Federal agents say thieves convinced an employee at a Cricket - MobileLink store to pass along the cell phone information of customers.
“The individual that we arrested was a normal kid just working at a cellphone store. He got hired, for lack of a better term, by the bad guys to make these exchanges and no criminal record at all,” said FBI Special Agent David Ko.
Court records show then 29-year-old Gregory Pierre Hayden took over the cellphone accounts of 79 unsuspecting customers while working at the store from November 2019 through April of 2020. He passed the customer information along to thieves. It was like a side hustle for him because the thieves would give him payment for each customer information given.
“He was getting paid about 100 bucks per cell phone to change,” said Agent Ko.
But that was small potatoes compared to what thieves netted using the information to get into customers’ Cash Apps, Venmo, credit card, and banking apps, stealing thousands of dollars.
FBI Special Agent David Ko says the attack was well orchestrated. Thieves did their homework and knew which customers they wanted to target from California to Connecticut. Victims were in at least 16 states across the country.
“Economically speaking, it makes more sense for them. Since they’ve established this network of people who do research in this network of people who are doing the cash-outs and the money meals, it makes more sense for them to hit as many as they can,” said Agent Ko.
Here is part of a statement sent to us by Mobilelink’s parent company AT&T.
Hayden was sentenced to five years probation and ordered to pay back $182,000 to the victims at $300 a month. The other people involved in this scheme have not been identified.
How would you know if your phone number is compromised?
This type of scam doesn’t even take a rogue cell phone store employee. Our KPRC 2 Investigates team explains how it can happen to anyone without even touching your phone. See how sim swapping works so you can recognize the signs.
Full statement from Mobilelink/Cricket, AT&T
“Our investigation identified the issue and provided the evidence that led to the arrest of Mr. Hayden. We are working closely with our industry, law enforcement, and customers to prevent fraudulent SIM swaps. We have security measures in place to protect customers from this type of criminal activity. We are also educating our customers on the steps they need to take to protect against SIM swap fraud, such as not using mobile phone numbers as the single source of security and authentication.”