Make us your home page

Today’s top headlines delivered to you daily.

(View our Privacy Policy)

Latest target for identity thieves? Military pay

Army Capt. Stephen Redmon and his wife, Julie, have  depended on short-term loans since losing $3,290 when his monthly electronic deposit was rerouted.

Courtesy of Julie Redmon

Army Capt. Stephen Redmon and his wife, Julie, have depended on short-term loans since losing $3,290 when his monthly electronic deposit was rerouted.

TAMPA — Much is demanded of soldiers. In exchange they get pride and pay. But identity theft claimed even the pay last month for four military personnel at Fort Bragg, N.C., one of America's biggest Army bases.

The technique may ring familiar to thousands of victims of hijacked IRS tax refunds and Social Security payments: Someone rerouted the soldiers' monthly electronic deposits onto prepaid debit cards.

Was it an isolated breach or the start of a larger problem for the military? The answer matters: Only about 1 percent of the 6.6 million people on the defense payroll get paper checks.

The Department of Defense is investigating the Fort Bragg pay losses and has not yet determined whether the victims or the government is liable. For now, victims haven't been repaid.

"It's frustrating, I'll say that," said Army Capt. Stephen Redmon, who lost $3,290.

Redmon, a 29-year-old artillery officer who served a year in Iraq, is married with two children and a third on the way.

His monthly pay was due to be deposited in a USAA Bank account on Sept. 14.

On Sept. 10, he checked his leave and earnings statement on myPay, a website for the military's payroll agency, Defense Finance and Accounting Service.

That's when he noticed the bank change. Instead of going to USAA, his deposit was headed to Bancorp Bank, a large issuer of prepaid debit cards, including the Akimbo Visa, upon which Redmon's $3,290 was about to be captured, then withdrawn.

Julie Redmon, his wife, described the chaos that followed: calling Bancorp, getting sent to the wrong card manager company, dialing a fraud line and reaching a psychic hotline. She said the government tried to recall the funds but did not succeed.

(Bancorp reports that most of its prepaid debit cards are not used for fraud. That said, the third choice on the company's automated phone system is a line for detectives with subpoenas.)

Even with a few days' warning, the Redmons could not head off a thief. An investigator told them someone had signed on to the soldier's myPay account using his own login and password.

"At first they asked my husband how our marriage was," Julie Redmon said. "How good our 8-year-old was with computers. They accused my husband of giving his password to someone, or leaving his common access card in a computer. That didn't happen. We don't write down our password.

"The whole time it's been like we're trying to prove we didn't do anything wrong, when they know we're not the only ones."

The Redmons aren't the only ones. Roxanne Addis Olson, spokeswoman for the defense payroll agency, confirmed that three other Fort Bragg soldiers reported their pay was diverted.

And she said pay diversion occurred elsewhere, too, though she was unable to discuss frequency or location. She could not, for instance, say whether it happened in Florida.

In some cases, myPay logins were compromised, she said. Customers had accessed myPay at computers infected with key-logging or other malware set to capture private information.

Retired Air Force Col. Gary McAlum, now chief of security for USAA, wasn't surprised to learn that military pay had been hacked, a practice the banking industry calls "account takeover."

"It's much more common than people know about," he said. "The technology the bad guys have is so easy to use."

USAA provides insurance, banking, investment and retirement services for 9.3 million military members and families.

He said it seemed likely that victims had been hit by key-logging malware. And he mentioned scams in which cyber criminals send emails that appear to be from financial institutions, seeking personal information.

Last fall, an imposter created a phishing email with the logo of the defense payroll agency.

Julie Redmon doesn't recall getting that email. The couple's home computer has security and anti-malware software, she said.

Capt. Redmon also accessed myPay through a computer in the Fort Bragg library and from his cell phone, he said.

He said the lost pay has consumed their lives. It happened amid a move to Fort Sill, Okla., now home. They've been existing on short-term military loans.

"In the military, you used to be able to get a check," Julie said. "You can't do it anymore. Everything is on direct deposit."

Staff writer Patty Ryan can be reached at or (813) 226-3382.

Internet safety tips

From USAA security chief Gary McAlum: Don't answer email requests for personal information, no matter how real they look. Even clicking on links within them can let malware into your computer.

Set your antivirus program to update automatically. At least once a week, disconnect from the Internet and run a deep scan. Be sure to update other programs, such as web browsers.

Don't reuse passwords for multiple applications. If you have too many, store them in a digital vault — protected by a unique password.

From Defense Finance and Accounting Service: Don't use public computers to access your private and financial information. If you must use a public WiFi network, make sure it belongs to the business or library where you're located.

Use the virtual keyboard and position yourself where others cannot see you type or read your screen.

If you have a military common access or identification verification card, use the SmartCard login feature.

Latest target for identity thieves? Military pay 10/30/12 [Last modified: Tuesday, October 30, 2012 11:08pm]
Photo reprints | Article reprints

© 2017 Tampa Bay Times


Join the discussion: Click to view comments, add yours

  1. Senator: American student arrested in China has been freed


    BILLINGS, Mont. — Chinese authorities have dropped charges against an American college student who was arrested and detained in the a week ago after reportedly injuring a taxi driver who was roughing up his mother in a fare dispute, a U.S. lawmaker said Sunday.

    Guthrie McLean was detained for reportedly injuring a taxi driver after the driver physically attacked McLean’s mother.
  2. Tampa-based makeup artist disqualified from contest over pro-Trump post


    WICHITA, Kan. — A makeup artist who splits her time between Tampa and Kansas says she won a national contest sponsored by Kat Von D Beauty but was later disqualified because of an Instagram post supporting Donald Trump's presidential candidacy.

    Gypsy Freeman won the contest with this image posted to Instagram. [@facesofgypsy on Instagram]
  3. Flesh-eating bacteria nearly kills Florida man who thought he just had blisters from a hike


    Wayne Atkins thought little of the blisters he had gotten while hiking. He was trekking up and down the 4,500-foot-high Mount Garfield in New Hampshire - a 10-mile round trip - and blisters were no surprise.

    Wayne Atkins thought his blisters were from hiking, but the flesh eating bacteria nearly killed him. [YouTube]
  4. Yes, again: Rays blow late two-run lead, get swept by Rangers (w/video)

    The Heater

    ST. PETERSBURG — As weekends go, this was a bad one for the Rays. In a word: brutal.

    Tampa Bay Rays relief pitcher Brad Boxberger, foreground, reacts after giving up a home run to Texas Rangers' Carlos Gomez during the eighth inning of a baseball game Sunday, July 23, 2017, in St. Petersburg, Fla. (AP Photo/Mike Carlson) FLMC116
  5. White House offers muddled message on Russia sanctions legislation


    WASHINGTON - White House press secretary Sarah Huckabee Sanders said Sunday that the Trump administration supports new legislation to punish Russia for its meddling in the 2016 presidential election and its aggression toward Ukraine.

    President Donald Trump at the commissioning ceremony for the USS Gerald R. Ford  at Naval Station Norfolk in Virginia, July 22, 2017. [New York Times]