WASHINGTON, D.C. – This week, U.S. Senators Thom Tillis (R-NC) and Chuck Grassley (R-IA) pressed the Department of Homeland Security (DHS) about a recently uncovered data breach and fraud case involving foreign nationals employed at U.S. embassies in Jordan and Russia stealing refugee case information and selling it for profit.
The employees were hired as “foreign service nationals” by the U.S. Citizenship and Immigration Service (USCIS) to help process asylum requests. For years, these individuals flew beneath the radar of federal authorities, accessing, stealing and selling hundreds of case files involving applicants for U.S. refugee status. The stolen material was then used to help other potential refugee applicants game the application system. They hid their activities by tapping into an older, less secure version of a State Department database that was not removed when newer systems with enhanced security features were installed in 2013. Their fraud was exposed when the database was finally updated in 2019. The years-long security breach leaves significant questions about what steps DHS has taken to remedy these vulnerabilities and assess any related security threats that may arise from the sale of stolen information.
The Department of Justice recently reached a plea agreement with one of the conspirators, who stated he worked to obtain information from the database for “around eight years.” He admitted to receiving compensation for his role stealing this information, and another conspirator is alleged to have received more than $20,000 in compensation for stealing this information.
In a letter to DHS Secretary Alejandro Mayorkas, Tillis and Grassley ask what steps the agency has taken to prevent this from happening again, and what assessments or investigations have been conducted to determine the risk to both the U.S. immigration system and those whose sensitive data was stolen.
“These data breaches appear to have continued undetected for nearly a decade,” the Senators wrote. “Sad stated that he worked to obtain the information from the WRAPS database for “around eight years.” He also admitted that he was able to access information on at least 270 Iraq cases after his employment by USCIS ended in January 2016. Between 2016 and 2019, Krasilova allegedly accessed nearly 600 unique cases through the WRAPS system. Furthermore, during a four month span between October 2018 and February 2019, Krasilova took more than 700 pieces of confidential information. She emailed screenshots from her USCIS email account to her personal email account and, from there, sent them to Sad, who forwarded them to Abduljabbar. In all, Krasilova received more than $20,000 in compensation for providing the information to Sad and Abduljabbar. In 2019, Krasilova also attempted to recruit other foreign service nationals working for USCIS to participate in the conspiracy, though it is unclear whether those efforts were successful.”
The Senators continued, “This fact pattern raises many serious questions, not only because of the sensitive nature of the data stolen, but also because the theft could have seemingly been prevented by simple, common sense measures such as checking for security vulnerabilities. As members of the Judiciary Committee, we are responsible for ensuring that U.S. immigration laws, including U.S. refugee laws, are properly enforced. We must also ensure that proper safeguards are in place to prevent foreign adversaries from obtaining access to confidential government records.”
Full text of the letter can be found here.
The employees were hired as “foreign service nationals” by the U.S. Citizenship and Immigration Service (USCIS) to help process asylum requests. For years, these individuals flew beneath the radar of federal authorities, accessing, stealing and selling hundreds of case files involving applicants for U.S. refugee status. The stolen material was then used to help other potential refugee applicants game the application system. They hid their activities by tapping into an older, less secure version of a State Department database that was not removed when newer systems with enhanced security features were installed in 2013. Their fraud was exposed when the database was finally updated in 2019. The years-long security breach leaves significant questions about what steps DHS has taken to remedy these vulnerabilities and assess any related security threats that may arise from the sale of stolen information.
The Department of Justice recently reached a plea agreement with one of the conspirators, who stated he worked to obtain information from the database for “around eight years.” He admitted to receiving compensation for his role stealing this information, and another conspirator is alleged to have received more than $20,000 in compensation for stealing this information.
In a letter to DHS Secretary Alejandro Mayorkas, Tillis and Grassley ask what steps the agency has taken to prevent this from happening again, and what assessments or investigations have been conducted to determine the risk to both the U.S. immigration system and those whose sensitive data was stolen.
“These data breaches appear to have continued undetected for nearly a decade,” the Senators wrote. “Sad stated that he worked to obtain the information from the WRAPS database for “around eight years.” He also admitted that he was able to access information on at least 270 Iraq cases after his employment by USCIS ended in January 2016. Between 2016 and 2019, Krasilova allegedly accessed nearly 600 unique cases through the WRAPS system. Furthermore, during a four month span between October 2018 and February 2019, Krasilova took more than 700 pieces of confidential information. She emailed screenshots from her USCIS email account to her personal email account and, from there, sent them to Sad, who forwarded them to Abduljabbar. In all, Krasilova received more than $20,000 in compensation for providing the information to Sad and Abduljabbar. In 2019, Krasilova also attempted to recruit other foreign service nationals working for USCIS to participate in the conspiracy, though it is unclear whether those efforts were successful.”
The Senators continued, “This fact pattern raises many serious questions, not only because of the sensitive nature of the data stolen, but also because the theft could have seemingly been prevented by simple, common sense measures such as checking for security vulnerabilities. As members of the Judiciary Committee, we are responsible for ensuring that U.S. immigration laws, including U.S. refugee laws, are properly enforced. We must also ensure that proper safeguards are in place to prevent foreign adversaries from obtaining access to confidential government records.”
Full text of the letter can be found here.
###
