Thief gets jail term; stations still vulnerable to inside jobs
More than a year has passed since an employee stole sensitive financial data from New York’s WNYC-AM/FM — and the station acknowledges that similar larceny could happen again.
That’s because no office can be completely secure, says Phil Redo, v.p. WNYC management took special measures after last summer’s theft, hiring security experts to review its procedures and writing donors who might have been affected. But you can only do so much, Redo says.
“I don’t think anything would have prevented this,” he says. “This is not a breach of security as much as it is the reality of an inside job.”
WNYC is one of many nonprofits struggling to prevent employee theft. Widespread use of computers and the collection of credit card information from donors have made nonprofits more vulnerable, and cases of internal fraud are increasing, according to an Aug. 7 report in the Chronicle of Philanthropy. Employee fraud costs nonprofits $10 billion a year, according to one expert.
Kenyel Dotts, 21, was convicted of stealing paper records of check information belonging to 195 station donors and selling the information to an identity theft ring. WNYC did not hear of any cases in which its donors became victims of identity theft.
Dotts was arrested in July 2002. He pleaded guilty to first-degree fraud and was sentenced April 1 to 60 days in jail and five years of probation. He was also ordered to pay $14,000 in restitution to victims of identity theft.
Two weeks after Dotts was arrested, WNYC hired James E. Johnson, a former U.S. Treasury undersecretary for enforcement, to lead a team of experts from the accounting firm KPMG. The report took several months to compile and was delivered to the WNYC Board, Redo says.
Redo would not release details of the report. “That would defeat the purpose of security,” he says.
But he does say that investigators found few weak points. WNYC did tighten access to some parts of its offices and improve its security cameras. A scheduled upgrade to Windows 2000 improved computer security, as the system locks out users who have been away from their desks after several minutes. Redo declined to discuss other measures.
Redo and Laura Walker, WNYC’s president, urge leaders at other stations to review their security. “Look at what you’ve got in place and make sure it is, in fact, the best you can do and does what you think it does,” Redo says.
Some questions will have to remain unanswered, such as how Dotts was able to get the records.
However WNYC tried to block an inside job, it could not have mounted a foolproof defense against a determined criminal such as Dotts, according to Redo. Managers trusted him to be around the information he stole, and, like many employees who defraud nonprofits, he had no criminal record. “He had access,” Redo says. “It wasn’t like it was a breakdown in security.”
“Whenever there’s a human being involved, you have to trust,” Redo says. “So as long as we’re going to continue to trust our employees, I guess there’s always a risk.”
Web page posted March 5, 2004
The newspaper about public TV and radio
in the United States
Current Publishing Committee, Takoma Park, Md.