On August 20th, in the American city of London, Kentucky, 39-year-old Somerset resident Jesse Kipf was sentenced to 81 months (6.75 years) in prison for computer fraud and identity theft. Kipf admitted to illegally accessing Hawaii’s death registration computer system in January 2023.
Using the credentials of a physician from another state, the defendant created a fictitious record of his death. Kipf then filled out a death certificate form and even digitally signed it with the same physician’s signature to be registered as deceased in various government databases. One of his motivations was to evade child support payments.
Additionally, Kipf hacked death registration systems in other states and infiltrated the networks of private companies and government organizations. Using the stolen data, he attempted to sell access to these networks on the darknet, often associated with illegal goods and services.
Carlton S. Shier IV, U.S. Attorney for the Eastern District of Kentucky, described this scheme as tactless and cynical, noting that such crimes underscore the critical importance of cybersecurity. He added that this case would serve as a warning to other cybercriminals.
Michael E. Stansbury, Special Agent in Charge of the FBI’s Louisville office, emphasized that victims of identity theft may face lifelong consequences, and the FBI will relentlessly pursue those who commit such crimes.
Under federal law, Kipf is required to serve at least 85% of his sentence in prison. After his release, he will be closely monitored for an additional three years. The damage caused to government and corporate computer systems, as well as unpaid child support, amounted to nearly $196,000.
This case vividly demonstrates that attempts to evade responsibility through cybercrime can lead to far more severe consequences than those typically sought to be avoided by tech-savvy individuals. The technologies used by perpetrators to deceive inevitably turn against them, highlighting the importance of digital security and the necessity of stringent measures to protect personal data.
