EXCLUSIVE: ITS FRAUDSTERS VS OPM — OPM is responding to a burst of cyber-enabled fraud in which unknown crooks are trying to siphon off money from several hundred flexible spending accounts of federal workers, according to two people familiar with the investigation. HealthEquity, the vendor that operates the Federal Flexible Spending Account Program, informed OPM in recent days that someone was forging accounts on behalf of U.S. government personnel — or in some cases, illegally accessing existing accounts — according to the two people. Both were granted anonymity due to the ongoing nature of the probe. — Modest, for now: While the FSA program sponsored by OPM is widely used across government agencies, thus far the swindle appears to be somewhat modest. According to the government’s latest estimate, one of the people said, it has netted just a few hundred thousand dollars overall. — How it works: Under the voluntary program, enrolled federal employees can use pre-tax dollars to pay for out-of-pocket health care or dependent expenses, which are then reimbursed. But the fraudsters are using fake or hacked accounts to get paid for false claims ranging from less than $30 to a few thousand dollars, according to both people. — We’re on it: In a statement, a OPM spokesperson said it was notified by a third-party vendor — though it didn’t name HealthEquity — about a “rise in fraudulent activity” and that it is trying to address it. “OPM is working with the vendor to secure impacted accounts, compensate impacted individuals, and implement additional anti-fraud controls,” an OPM statement reads. — The cyber angle: The activity does not appear to be the result of a breach of internal systems at OPM or HealthEquity, although the investigation is ongoing, the two people said. That’s consistent with something OPM asserted in its statement: “At this time, there is no evidence that OPM or our vendors’ systems have been compromised in any way.” One leading theory, the second person said, is that crooks are instead scraping federal employees’ sensitive personal data off the dark web, and using it to create HealthEquity accounts for unenrolled individuals or submit false claims on behalf of existing users whose accounts they have hacked. — Whence 2FA: When asked a series of questions about the incident, including whether federal employees were required to use two-factor authentication to access their accounts, a standard security measure, a spokesperson for HealthEquity referred MC back to OPM. The first individual said that the government is working with HealthEquity on a variety of measures, including ensuring they have two-factor authentication in place. They also said the government is in touch with law enforcement about it. — It takes a village: While OPM and HealthEquity are working to address the issue, both people encouraged federal employees to double-check that none of their hard-earned money is going out the door — and if it is, to report it. For now, that means carefully reviewing FSA accounts or earnings statements for suspicious activity. |
No comments:
Post a Comment