Lengthy Investigation Leads to Arrest of Former Funding Company Employee
A former Yellowstone Capital employee was arrested yesterday in New York City, the culmination of what Yellowstone CEO Isaac Stern said was a nearly year-long investigation that involved law enforcement in New York, New Jersey and Florida.
The former employee was charged as a Fugitive of Justice in New York. And he is being charged with 3rd degree Theft by Deception and two computer related crimes in New Jersey, according to Stern. This person’s name is being withheld as he has not been convicted. According to Stern, the employee started working for Yellowstone last year as a rep at the company’s Jersey City office. He then left the company on his own volition to move to Florida. When Yellowstone opened a Florida office in May 2017, the man was rehired by Yellowstone to manage the data entry operation at the new office.
The man was terminated in September of 2017 for reasons unrelated to these charges. Following his termination, Stern said that the company noticed a trend where merchants were being solicited after submitting new deals. Simultaneously, the company saw an increase in concerns raised by its ISO partners regarding backdooring. (Backdooring is when a broker submits a potential deal to a funder and that file leaks out to third parties whom the broker did not authorize to handle the information.)
In response to this, the company created a task force comprised of cyber security professionals that ultimately traced the leak to this former employee. A number of people have been arrested for stealing information from Yellowstone, but Stern said that this was by far the largest and most sophisticated theft.
“Nothing has hurt us more than this leak,” Stern said, “and it would have been impossible to catch this guy if we didn’t have a full-time team.”
The team Stern refers to is what he says has now become a separate Yellowstone office at an undisclosed location that is devoted exclusively to security. He said Yellowstone spent about $250,000 developing this external office and upgrading the company’s security systems. Additionally, employees and others can now anonymously email: firstname.lastname@example.org with information related to potential theft.Last modified: April 20, 2019
Todd Stone is a reporter for deBanked.