North Carolina Man Sentenced to Over 10 Years for Selling 7 Million Elderly Americans' Data
A North Carolina man has been handed a federal prison sentence of more than 10 years after being convicted for selling the personal information of over 7 million elderly Americans to criminal organizations operating out of Jamaica. The scammers used the purchased data to specifically target elderly victims in fraud schemes, exploiting the sensitive personal details to craft convincing deceptions.
The case represents one of the largest elder data fraud prosecutions in recent memory and highlights the devastating real-world consequences of the personal data economy when it intersects with criminal networks.
What Happened
The defendant, based in North Carolina, obtained or compiled personal information belonging to elderly Americans and sold that data to Jamaican criminal organizations known to operate large-scale phone fraud operations targeting older adults. These organizations specialize in schemes that exploit elderly victims, including:
- Lottery and prize scams — Victims are told they've won a prize but must pay fees upfront to claim it
- Grandparent scams — Fraudsters impersonate grandchildren or law enforcement, claiming the grandchild is in trouble and needs money immediately
- IRS and government impersonation — Callers pose as tax or government officials, threatening arrest unless immediate payment is made
- Medicare and benefits fraud — Victims are manipulated into surrendering Medicare numbers or other benefits information
The data sold provided scammers with the raw material to make their operations devastatingly effective: names, addresses, phone numbers, and in some cases financial account details that made fraudulent calls more credible and targeted.
Scale of the Operation
| Detail | Information |
|---|---|
| Records sold | 7 million+ |
| Target demographic | Elderly Americans |
| Buyers | Jamaican criminal organizations |
| Defendant location | North Carolina |
| Sentence | 10+ years federal prison |
Seven million records represents an enormous volume of elderly Americans' personal data. To put this in context:
- The US Census Bureau estimates approximately 55 million Americans are aged 65 or older
- This single criminal operation targeted data for roughly 13% of the entire elderly American population
- Each record represents a real person — often living on fixed income — who became a potential target for financial fraud
The Human Cost of Elder Fraud
Elder fraud is not a victimless crime. The FBI's Internet Crime Complaint Center (IC3) has consistently documented the outsized impact of fraud on elderly victims:
- Financial loss — Elderly victims lose billions of dollars annually to fraud. Many are on fixed incomes with little ability to recover lost funds
- Psychological harm — Being deceived causes significant emotional distress, often including shame, depression, and loss of trust
- Physical health impact — The stress of financial fraud and its aftermath has been linked to worsened physical health outcomes in elderly victims
- Independence — Financial losses can force elderly individuals to become dependent on family members or to forgo essential healthcare and housing
The FBI reported in 2025 that Americans lost nearly $21 billion to cybercrime in that year alone, with elderly Americans consistently suffering disproportionate losses relative to their population.
How Personal Data Fuels Elder Fraud
The case illustrates how the data economy intersects with criminal networks in ways that directly harm vulnerable populations. Personal data obtained through:
- Data breaches — Information exposed in corporate breaches is frequently packaged and sold on criminal markets
- Data broker lists — Some personal data lists are compiled from legitimate but aggregated public records, then sold or stolen
- Social media scraping — Publicly available social media data can be used to supplement purchased lists with additional personal details
Once in criminal hands, even basic demographic information (name, age, address, phone number) is sufficient to enable effective fraud against elderly individuals, who may be less familiar with current scam tactics or more trusting of callers who seem to know personal details about them.
Law Enforcement Response
Federal prosecutors pursued the case under wire fraud and conspiracy statutes that carry significant sentencing exposure. The more-than-10-year sentence reflects the severity with which federal courts view:
- Scale — 7 million records sold, affecting a comparable number of potential victims
- Vulnerability of targets — Elderly Americans are a specifically protected class of fraud victims under federal sentencing guidelines, which can enhance penalties
- Criminal partnership — The sale of data to known criminal organizations, rather than passive data exposure, represents active participation in a fraud conspiracy
Protecting Elderly Loved Ones
If you have elderly family members who may be at risk, consider the following protective steps:
- Discuss common scam tactics — Make sure elderly family members know that legitimate government agencies never demand immediate payment by phone
- Set up a verification code — Agree on a family code word that can be used to verify the identity of someone claiming to be a family member in an emergency
- Register on the Do Not Call Registry — While not foolproof, the FTC's Do Not Call Registry reduces unwanted contact
- Monitor for unusual activity — Check in regularly; sudden secretiveness about financial activity may indicate active fraud
- Report suspected fraud — Contact the FBI's IC3 (ic3.gov) or the FTC (ftc.gov/complaint) if you suspect fraud is occurring
Broader Context: The Data Broker Problem
This case underscores a systemic challenge: the existence of large aggregated databases of personal information creates an attack surface that criminals can exploit. Whether obtained through breach or assembled from semi-public sources, the existence of detailed profiles on millions of individuals — particularly vulnerable populations — represents a persistent risk that legislation has struggled to adequately address.
Ongoing legislative efforts around data broker regulation and stronger data minimization requirements aim to reduce the supply of personal data available for criminal exploitation, but the market for this data remains robust and poorly regulated.
Source: BleepingComputer