Countrywide Sends Fraud Alert Letters: 'Your Info May Have Been Sold'

A Countrywide customer emailed to tell us he received an unpleasant surprise in the mail today: a former Countrwide employee may have sold his loan info.

I received a letter from Countrywide today that says:

“We are writing to inform you that we recently became aware that a Countrywide employee (now former) may have sold unauthorized personal information about you to a third party…

Based on a joint investigation conducted by Countrywide and law enforcement authorities, it was determined that the customer information involved in this incident included your name, address, Social Security number, mortgage loan number, and various other loan and application information.”

It goes on to say they will give you 2 years of Triple Advantage credit report monitoring for free and they include a website address and activation code to start the credit monitoring service.

Just great. Luckily the only thing Russian hackers could buy with my credit is a bottle of cheap vodka.

We don’t understand why temporary free credit monitoring is always the go-to remedy every time a company “loses” your personal data. The security breach could have huge and long-term financial consequences for you, and the company that enabled that breach should take responsibility for it.

Every company that deals in sensitive data should have identity theft counselors on staff—people who will walk you through a formalized plan for changing account numbers where possible, getting new account numbers if necessary, and setting up a systemized way to monitor financial activity on a weekly or monthly basis. (And they should pay for any fees you’re charged in the process.)

Just saying “sorry, here’s some free online monitoring” is inadequate—it’s like a doctor leaving a clamp inside you after surgery, then giving you coupons for free checkups for a couple of years.

(Thanks to Frisco!)
(Photo: Getty)

Comments

Edit Your Comment

  1. taking_this_easy says:

    well.. what can countrywide do? give u a new identity?

  2. starrion says:

    At this point, they are at least admitting it and alerting you to the possibility of a problem (however remote).

    In some instances (being unable to find backup tapes) the risk may be small and the credit monitoring is fine.

    Make it too expensive and the companies will try to cover it up.

    • mythago says:

      @starrion: So we need to let the companies that did wrong off the hook because, oh noez, they might cover it up if we actually require them to be responsible?

  3. floraposte says:

    The thing is, Countrywide is a ferocious junk mailer of their customers, so it’s possible some will simply toss the warning unopened.

    On an amusing note, I today received from them a “monthly” print statement, clearly labeled as such, for the first time in nearly a year.

    • FearlessUser says:

      @floraposte: I nearly ripped up mine and threw it away, all the crap I get from them is ridiculous. Good thing I opened it.
      My wife works for a bank and stuff like this will happen from time to time where people’s info is compromised. They also send out letters to people saying the same thing – your information may be compromised. She said they know who’s was and who’s wasn’t. So the “may be” wording really means “check your credit report, make sure no one opened any accounts as you, because someone has your information.”

  4. strife1012 says:

    Countrywide has deep pockets, time to start building new credit, from a 6 figure lawsuit.

  5. Trick says:

    What happens when your identity that was stolen thanks to a dishonest employee?

    “Gee Mr. Smith, we gave you free credit monitoring so the fact that you had 17 credit cards open and $47,000 charged in your name leads us to believe you didn’t monitor your credit very well.”

    “Oh and because you are so far in debt we need to raise your interest rate as you are not a calculated risk.”

  6. njovin says:

    I received the same letter.

    I’m inclined to think that in retaining critical personal information, Countrywide has a responsibility to protect that data.

    There shouldn’t be any way for employees in such a large company to carry out any customer data unless they’re scribbling SSNs by hand on a napkin. It’s too easy for an IT department to make the necessary restrictions to prevent this.

    • starrion says:

      @njovin:

      Do you work in IT? I can tell you now that building policies to prevent people from carrying out data is manifestly NOT easy. USB drive anyone? You can turn off all the ports, disable discwriters, and such. You can prohibit people from bringing in bags, and prohibit removing stuff from the work area. And if you are real careful in monitoring email you might prevent people from sending data out, but it is not easy.

  7. Speaking as an employee of a company who provides ID theft restoration services and consultation and as such has not had but 20 seconds without the phone ringing from irate and panicking customers ALL FREAKING DAY…….

    THANKS COUNTRYWIDE!!!!!!

  8. yagisencho says:

    So…probably one of these letters waiting for me in today’s mail.

    I’m especially looking forward to having credit counselors and the like lecture me again on the importance of properly securing my personal information.

    The SYSTEM is BROKEN.

  9. DashTheHand says:

    Instead of the credit monitoring, can’t you just sue? I don’t see how they are allowed to name their own settlement.

    • howie_in_az says:

      @DashTheHand: My guess is that most people will say “oh that’s horrible, hacker people are bad bad bad! I better sign up for credit protection” instead of the far more appropriate “wtf you stupid bastards how could you let this happen? i trust you with my personal data and you don’t take proper, reasonable steps to secure it? call my lawyer, and that settlement better be in the 8 figure range

    • @DashTheHand: Instead of the credit monitoring, can’t you just sue? I don’t see how they are allowed to name their own settlement.

      They didn’t name their own settlement. They proactively offered a credit monitoring service. I’m sure you could still sue, but this armchair lawyer thinks you’d need to be able to identify damages that exist in fact (or some statutory damages, if they exist), not damages that may or may not happen in the future.

      @Chris Walters: (1) Every company that deals in sensitive data should have identity theft counselors on staff-(2) people who will walk you through a formalized plan for changing account numbers where possible, getting new account numbers if necessary, and (3) setting up a systemized way to monitor financial activity on a weekly or monthly basis. (And they should pay for any fees you’re charged in the process.)

      (1) Sounds like a good idea. But…

      (2) How does changing your account numbers help if the stolen data included social security numbers, addresses, and DOBs? That’s pretty much all a thief needs to get any data he needs (like your current account numbers), now or in the future. It’s like the heist that keeps on giving.

      (3) Isn’t that what they offered for 2 years?

  10. sventurata says:

    If banks hire indiscriminately, fail to provide the resources for CSRs to do their jobs, and overall treat their employees like garbage… consequences happen.

    That does NOT condone theft of private information. I’m just saying, there are a lot of disgruntled financial services employees out there.

    Having worked for a bank where info theft occurred routinely (and was never fully disclosed to cardholders), I applaud Countrywide for their transparency. They should follow up with another letter when whoever responsible gets 6 months of jail time and a $18,000 fine… another wonderful facet of American juridical capitalism.

  11. Baking4me says:

    I received the same letter today, and for some reason, it doesn’t feel right to me. Have any of you thought of the possibility that the letter may be a fake? That now, when you call this number and give them the code shown on the letter, since it’s a “credit monitoring” program, they’re going to ask you all sorts of personal info, such as SSN, DOB, credit card nos. that you have, etc., or is this paranoia on my part? I don’t even know who to trust anymore because the scammers are getting better and better at what they do. Could this letter be a scam as well?

    • glh787s says:

      I thought of the exact same thing. My husband is going to call Countrywide itself to confirm if this is a scam or not. Be careful, because when I called them tonight, they wanted our “Borrower Activation Code.” And because he sounded like a foreigner I said, “Forget it! hHw do I know this is not scam? Very suspicous! Call Countrywide and speak with a manager/supervisor or something.

      Baking4me:

  12. great, another instance where a company totally exposes its loyal customers to years of ruin and hassle repairing their credit and the consequences of identity theft and all they get is lousy credit monitoring for a finite period of time. hear me now consumers, write your legislators on the state and federal level and demand stricter penalties for such careless maintenance of your personal information. until we laws that put teeth into damages for such carelessness, large companies will continue to treat your personally identifiable information with little care and oversight. why? because under current law, all they have to do is send you a notification letter and offer pitiful credit monitoring for a year or two. if companies do that, then, under the statutes on the books and most court decisions interpreting the law in this area, companies exposing you to years of heartache and financial ruin enjoy relative immunity from damages. in most instances, companies can take substantial steps to upgrade their technology and information security but do not because it costs them too much money.

  13. Gannoc says:

    The author of this article is way off base. _Any_ place with access to sensitive data should have identity theft specialists on _staff_? They just sit around in case something goes wrong then leap into action?

    I’d rather have them outsource that to a company that specializes in it – which is what they did. I’m not a countrywide fan, but this is something that is nearly unpreventable and countrywide did the right thing.

  14. msbask says:

    I wonder if this affects prior customers as well. I had a mortgage with Countrywide about 10 years ago and have moved 2 times since then.

    There’s no way they’d find me now to even tell me.

  15. crashfrog says:

    Do you work in IT? I can tell you now that building policies to prevent people from carrying out data is manifestly NOT easy.

    Well, nobody forced them to be banks. They signed up for it, and that means taking on the responsibilities of a bank. That’s why they get paid the big bucks. (Or, you know, just take it from your account whenever they want. That too.)

  16. JayDeEm says:

    I have not received any such letter yet, but I will have to keep an eye out for it. As another poster mentioned above, I get so much junk mail from them that it rarely gets little more than a cursory glance before being fed to the shredder. Thanks for the heads-up Consumerist.

    I’m also looking at my account on the Countrywide website and see a whole bunch of nothing regarding any data theft. Does anyone know the scope of the data breach yet? How many customers were affected and all that?

    • lschofield says:

      @JayDeEm: A local news report (local to Countrywide offices, I guess) lists an employee used a thumb drive to take information out of the building and sell it to a third party for two years before being detected. He has since been turned over to the FBI who have arrested him.

      [www.azcentral.com]

      I think it stinks there is nothing on their web site about this. For all I know the letter is a phish. Also, I never picked Countrywide Mortgage. I thought I did a deal with a local lender – they sold it to Countrywide.

      And – two years is nothing if an SSN is floating around out there. This is a lifetime issue. Looking at Countrywide’s stock price slide we’re probably going to out last them a good bit.

  17. ImFedUp says:

    Ummm yeah…my wife received the letter yesterday but my name wasn’t mentioned anywhere on the letter so at first I thought it was some sort of Countrywide junk mailer. I emailed Countrywide inquiring if this was legit or not but never heard back from them so I figured it was bogus. I log on here and see it was true.

    Now we like many others got scammed by Countrywide with their arm loan a few years back and the next thing they do is stick it to us again with this. So is it worth it to take them up on the credit monitoring or will that just lead to more issues down the road?

  18. dragonfire81 says:

    This is what happens when you give people access to sensitive information and do not pay them well enough.

  19. edrebber says:

    Demand that countrywide pay all costs associated with refinancing affected customer’s loas to another lender. Then demand a signed affidavit from countrywide stating that the affected customer’s personal information has been purged from all countrywide systems.

  20. gnubian says:

    I got one also .. so did this person …

    [blogs.zdnet.com]

    The ex-employee was selling contact info to other lenders so that they could in turn contact you

    quoted from above link -

    ” In an affidavit filed in federal court, the FBI said Rebollo had voluntarily described the scheme. Rebollo said he would charge $400 or $500 for batches of thousands of “leads” – personal and account information that presumably would help outside loan agents solicit new mortgages from the Countrywide applicants, some of whom had been denied loans by the Calabasas company.

    Authorities said they didn’t know whether any of the information had been used for outright fraud, such as identity theft.

    Rebollo would copy information on about 20,000 customers at a time on Sunday nights by using a Full Spectrum computer that did not have the same security features that other machines in the office had, according to the affidavit by FBI Special Agent Richard P. Ryan.

    At that rate, the U.S. attorney’s office said, Rebollo would have compromised up to 2 million customer profiles for about 2.5 cents each – an astonishingly small amount considering the importance of the material. Mortgage leads are among the most expensive for sale because of the potential payoffs to intermediaries when loans are made.”

    • Haltingpoint says:

      @gnubian: When I saw that amount I laughed. As someone who does affiliate marketing and is well aware of how competitive (and potentially lucrative) getting mortgage leads can be, I have to say that the stupidest thing this guy did wasn’t just get caught, it was getting caught for selling something at a FRACTION of what the leads are worth.

      For instance, I just found one program that will pay $35/lead. To quantify…that is roughly 175,000% greater than the rate he was getting. What a royal dumbass.

      For those that were affected, be sure to check whether you are automatically enrolled in the non-free monitoring service after the promo ends. Might as well take it while it lasts, but be sure to mark your calendar for when you have to cancel it.

  21. Canino says:

    I wonder what criteria was used to pull the names. My ex-wife and I were on the same loan. Today I received a letter addressed to her, but not one for me. If the information stolen included “various other loan and application information” then my information was certainly included with hers.

    Maybe my letter is still on the way, but that would be strange. You would think they would batch them by last name?

    • gnubian says:

      @Canino:

      IIRC, there is always a primary name on the loan. In my case, I’m the primary .. The letter came addressed to me and made no mention of my wife.

      I did a search when I opened my letter .. Had a fleeting moment of worry that it was some bizarre snail mail phishing scam. That’s how I came up with the link in my previous post.

      • Canino says:

        @gnubian: That makes sense, except that I was the primary on our loan. My ex-wife’s credit was pretty bad and she would have never been the primary.

  22. Bahnburner says:

    I say fine if they send a letter guaranteeing a closed-end $0 contract on the credit monitoring and no credit card verification requirement. Otherwise,
    GREAT MARKETING PROGRAM!

  23. rasp1960 says:

    Is Countrywide liable for any damages I may incur? Should they at least offer the 25 cents they got for my identity? I thought I was worth more than that..

  24. earlb1 says:

    I am not surprised that the only area of identity theft that people are worried about is Financial Identity Theft. I am certified in identity theft and there are five areas that you should worry about. As stated there is Financial Identity theft, in addition there is DMV, Social Security, Medical and Criminal/Character identity theft. Your personal information can be used for any of these areas.

    For those who state they can have your identity, how would you like to receive a letter from the IRS stating that you owe for unpaid taxes and penalties for one or more people using your social security number to obtain employment? It happens more than you think. How about being arrested for unpaid traffic tickets that you did not have? What if you find out that you have less medical insurance left because someone used it for procedures that you did not have done.

    I agree that what was offered is not enough. You need to be offered a plan that not only monitors but also restores your identity. I have purchased a service that does just that. Check out the information at http://www.decidehere.com also check for other companies that monitor and restore identity theft. You will find out that many only offer assistance with restoration.

    So far I have not received a letter from Countrywide who I have an account with. I did have a credit card replaced due to the TJX Corp data breach. To date, my identity is still clean.

  25. dkush21 says:

    I received a letter last week something to the same effect, but it was BNY Mellon Shareowner services(stock transfer agency)at the Bank of New York Mellon stating that computer tapes containing personal information was lost while being transported to an off-storage facility and that they would provide free credit monitoring (Triple Alert) and/or credit freezes for 2 years. It also claims that if I choose to enroll in this product, that I must do so within 90 days by visiting [partner.consumerinfo.com] and use a unique single-use activation code they gave me. They claim that if I place a credit freeze on my credit file within the 90 days, that they will reimburse me for the cost of the initial placement and one removal of the credit freeze. They also include a toll-free number to call 1-877-289-0136 or to visit [bnymellon.com] I really think that this is identity fraud. If anyone has received similar letters from other companies, I would really like to know and who we can contact to report it.

  26. jrowny says:

    Awesome, my mortgage was just purchased by Countrywide.

  27. AaronMessene says:

    The monitoring is great and all, but what happens when something does pops
    up… they send you a massive “do-it yourself” first aid kit and say best of
    luck! If you have an identity problem, you have a legal problem and Identity
    Theft is the only crime you are truly guilty until PROVEN innocent. What
    happens when you get pulled over and they say there is a warrant out for
    your arrest… Monitoring isn’t going to help you there. You need a tiered
    suite of services that monitor, restore and give affordable access to the
    justice system which can only be found Here .

  28. SenorMouse says:

    I just got my letter today. You forgot the most important part… the weasel PR words:

    ” We deeply regret this incident and apologize for any inconvenience or concern it may cause you. We take our responsibility to safeguard your information VERY SERIOUSLY blah blah blah … “

  29. gnubian says:

    The monitoring requires no additional payment info. You use the code that was included with your letter, answer a few basic questions to insure you are who you claim to be, and enter your email address for a decade of spam ….

    2 years from now, when the monitoring expires, experian will probbaly start houding everyone to sign up for their service.

    • lisbkr says:

      I got the letter today too – I was freaking out because I have been working for the past few weeks with a Countrywide employee to refinance my mortgage. I hate the company, but since my mortgage is already there, they were offering me the best rate. The guy I was dealing with was super slimy and something about it gave me a bad feeling – I guess I now know why. I sincerely hope for Countrywide’s sake that this schmuck didn’t steal my identity and did just sell the info to another mortgage company.

  30. _Truth_ says:

    Wife is on account, too, but they only sent free monitoring offer to me – what gives with that, CFC? And why isn’t the name of this employee being published – it should be a public record if he’s been arrested.

  31. Eoghann says:

    Wow, they were sold as “leads” to other mortgage lenders, particularly those who were turned down by Countrywide?

    How good of a “lead” are you, if Countrywide wouldn’t even give you a loan?

  32. ZukeZuke says:

    How timely a story. A lady here at work just got notice of this from Countrywide and is literally sh*tting her pants as I write this… calling all her banks to put fraud alerts on accounts, etc. As if Countrywide doesn’t have enough problems already, sheesh.

    If our legislators have enough time to pursue investigations on the cost of text messages and other pointless issues, why the hell haven’t they enacted legislation mandating basic security requirements for holders of sensitive personal/financial data?!?! Knock, knock, hello? Anyone home?

    It’ll probably take a half dozen of them to have their identity stolen before they realize this is a big problem.

  33. SoCalGNX says:

    This is nothing new. We have had the city of Claremont, CA, Boeing Corp., Bank of America and a few others DO THE EXACT SAME THING. Claremont offered nothing other than the information that they had lost personal data and we needed to pay attention to our credit scores etc.

  34. Saboth says:

    I agree…losing your data then offering 1 year of credit monitoring is the “defacto” action now. What’s that going to do when the list turns up 10 years from now and my bank account is emptied and credit cards are maxed? “Sorry, you should have um….done business somewhere besides us”.

  35. aljaxart says:

    Rene Robollo Jr. age 36 of Pasadena, CA is the ‘ex’-employee who sold us out for 2.5 cents each!

    Thanks dillweed!

    FBI arrested him earlier last month, and I hope he’s still in jail….for a long time!

    So now we have to sit and be paranoid that someone may arrest us on false charges, or watch our savings get sucked away or be denied a refinance…oh wait, Countrywide already does that……

    Wow, if I had a choice of where my loan went then I could blame myself, but when your original loan bank sells your loan to Countrywide what can you do!?

    I think that sucks, and so does Countrywide

  36. aljaxart says:

    Oh and BTW, it’s not a fraud, I called Countrywide to confirm.

    I also found out that even after admitting to all the crimes to the FBI, Rebollo and accomplice still pleaded “not-guilty”!? How does that work?

  37. aljaxart says:

    In a news release Aug. 1, the FBI reported Wahid Siddiqi, who allegedly bought the data, was also arrested.

    Both men pleaded not guilty during their Aug. 25 arraignments, according to the U.S. Attorney’s Office. Rebollo is free on $80,000 bond; his trial is set for Oct. 7. Siddiqi, who was held without bond, goes on trial Oct. 14.

    According to the complaint, Rebollo would provide individuals with the specific types of data they requested, for which he banked between $50,000 and $70,000 in profits.

    In his affidavit supporting the complaint, FBI Special Agent Richard P. Ryan wrote that a confidential witness said he had contact with a Countrywide employee who provided company data to various mortgage brokers and lead brokers.

    That witness gave the FBI an e-mail address for Rob Bello or Robello; Rebollo’s name came up when Countrywide researched its list of employees for that address.

    The company identified Rebollo as a senior financial analyst in its subprime mortgage division. Ryan said that, in an interview, Rebollo, who said he made $65,000 a year, told the FBI he was responsible for a security breach.

    According to the affidavit, Rebollo said he downloaded information about approximately 20,000 customers each week for nearly two years onto a portable flash drive.

    Most of Countrywide’s computers had security features that blocked the use of the drives, but Rebollo, who worked at Countrywide for 9 1/2 years, said he had access to a computer without those features. He sold each group of 20,000 or so names for $500.

  38. Opt_Out says:

    Opt out people!

    The info was stolen from the marketing dept of Countrywide. If you ignored your Opt Out notices that come with your bills, your info (all of it) was in the marketing database.

    So, Opt Out! In the most severe and restrictive terms. And verify that they actually did opt you out.

    BTW, Coutrywide’s marketing dept “does not have an outside phone line”. It’s about 25-30 min on the phone to get connected to them through various “representatives” and “supervisors”.

    • aljaxart says:

      it’s hard to OPT OUT when you didn’t even get loan……

      “In the beginning, Rebollo would email the contents of his thumb drive to his buyers from a public computer at Kinko’s. Frequently he would export data requested by his buyer, such as “new declines”, or people who had a loan offered, but chose not to take the loan.”

      @Opt_Out:

  39. aljaxart says:

    I believe I did ‘OPt out’ but I was still ‘on the list’ of those they believe were sold…

    a lot of good that did, besides, it depends on when you did it too, because it’s not like he JUST stole the data, he’s been doing it for TWO YEARS! My loan has only been with CountryAss loans for just under that. Plus telling people what they SHOULD’VE done, doesn’t help at this point.

    Robello needs to be made an example of and he needs to go down HARD! And if Countrywide sues him and gets $, Countrywide then needs to pass that out to us and only keep $1.99 to buy a cheap hammer to destroy that one computer without the saftey locks on in.

    It’s stupid people like Robello and Shaddiqi that make this world suck, not to mention all the CEO’s of AIG, FANNY, FREDDY, and MERIL etc, they all should get a big fat 0 and have to down grade to the failures they are….not walk away with Millions! I’m not looking for $ out of this, just some sense of stinkin’ Justice!

  40. aljaxart says:

    ARRGGGG Check out how much of a shadey bold face fraud and idiot this guy Robello is!

    from a newly updated source:

    (updated with new information)

    Rene Rebollo, a 36 year old former Countrywide employee from Pasadena, has been charged by the FBI and taken into custody with a co-conspirator Wahid Siddiqi, a 25 year old from Thousand Oaks. Its alleged that Rebollo would come into the office every Sunday and download data from Countrywide’s subprime mortgage system, Full Spectrum Lending. He apparently logged in each weekend for two years, downloading information on 20,000 each weekend and carrying it home on a flash drive. For this he was paid $500 per week. In all he is accused of selling identity information on 2 million Countrywide applicants, and pocketing $70,000 for his efforts, which exceeded his annual salary at Countrywide. (The Ventura County Star put that figure at $63,000.)

    The LA Times reported yesterday that this means Rebollo was selling identities for about 2.5 cents each. They quote Beth Givens from the Privacy Rights Clearinghouse as saying “This guy obviously didn’t do his homework. He doesn’t know the value of these on the black market”, noting that often social security numbers are sold for dollars each, not pennies.

    According to Thom Mrozek, of the US Attorney’s Office in Los Angeles, the buyers of the stolen data were using it as lead generators to offer the same subprime loan customers other financial offers.

    Its not clear yet how the data was normally transferred from Rebollo to Wahid Siddiqi, but what we do know is that Siddiqi was a reseller of the data Rebollo accessed by logging in with his credentials as a Senior Financial Analyst. According to his LinkedIn Profile, Rebollo worked at Countrywide since September of 1999.

    The FBI came into the case when one of their confidential witnesses made a buy from Siddiqi of the stolen customer profiles for several thousand countrywide customers for $4,000. According to the Ventura County Star, the witness met both Siddiqi, who he called “Nico”, and Rebolla, who he called “Rob Bello”, in a night club and exchanged cash for CDs containing the stolen data.

    The charges against Rebollo, who stole the data, could include up to five years in federal prison. Siddiqi, the reseller, could face up to fifteen years.

    This isn’t the first major mortgage broker to face insider jobs. Online mortgage broker Lending Tree Inc accused two former employees of illegally accessing information on “potentially millions of clients”.

    Update: We’ve received a copy of two affadavits sworn by FBI Special Agent Richard Ryan that were presented to the courts. One is a 13-page document, in support of the charges being brought against Rebollo and Siddiqi.

    The charge against Rebollo is a violation of Title 18 USC Section 1030(a)(2)(A), “Exceeding Authorized Access to the Computer of a Financial Institution”. The charge against Siddiqi is Title 18 USC Section 1028(a)(7), “Fraud and Related Activity in Connection with Identification Documents”.

    On July 7th, second Confidential Witness made consensually recorded telephone calls to “Nico” (Siddiqi) and ordered several thousand leads, negotiating a price of $4,000 for the data. He met with Nico on July 9th while wearing a wire, and received the data on CDs, which he loaded into an FBI undercover laptop, and got Nico to confirm that they were “fresh Countrywide” leads, and that they contained “full socials” (full social security numbers). He paid Nico the $4,000 in cash, provided by the FBI. Armed with this information, Ryan was ready to go interview Rebollo.

    Rebollo was interviewed at his place of employment on July 15th by SA Ryan and SA Medrano. During the interview he confirmed the previous information about his weekly practice of stealing data by exporting it to a personal thumb drive. Rebollo actually opened a bank account at Washington Mutual “Doing Business As” RR Consulting. This account was specifically for receiving and holding the profits from his stolen data.

    In the beginning, Rebollo would email the contents of his thumb drive to his buyers from a public computer at Kinko’s. Frequently he would export data requested by his buyer, such as “new declines”, or people who had a loan offered, but chose not to take the loan. Rebollo confirmed that he knew there was a company policy against sharing Lead Sources outside the company. He also confirmed that he knew that most CountryWide computers had a security feature which prevented the use of a thumb drive. He had found that he had access to one computer which did not have this feature.

    According to the affadavit, on July 15th, Rebollo voluntarily turned over the flash drive he used to transport the data and the personal computer he used to broker the data. The flash drive had about “thirty to fifty” spreadsheets on it, each containing thousands of records with names, telephone numbers, addresses, and social security numbers of Countrywide applicants.

    Rebollo agreed to sign a “CONSENT TO SEARCH” and to allow the FBI to follow him to his home and allowed them to take his thumb drive and his computer. He also printed many of the email messages showing that he had sent the stolen data from his home computer to various buyers.

    Two days after SA Ryan returned to his office with Rebollo’s computer and thumb drive, he was contacted by Rebollo’s attorney who said their “Consent to Search” had been revoked.

    Thanks for reading along . . . here comes the best part!

    FIVE DAYS AFTER THAT, a Confidential Witness provided a recording from Rebollo, informing him that he was “camping at Mammoth” and implying he had data to sell. After consulting with the FBI, the CW called Rebollo back, in the presence of the FBI, and asked for 7,000 to 8,000 leads for customers in the states of California, Oregon, Florida, and New York. Rebollo agreed to provide the leads for $400. This a full week AFTER Rebollo had confessed everything to the FBI, lead them to his home, and offered them his thumb drive and computer!!!

    Shortly after the call, an email, containing 8,000 leads, was received by the CW.

    This second Affidavit, dated July 31st, was for permission to go back and do a court-ordered search (as opposed to the friendly “consent” search previously performed.)

    Permission was granted.