top of page

Cyber Bites

Bad procedures/controls equal bad outcomes

What could possibly go wrong if you give the same individual authority to approve both new vendors and the payment of vendor invoices? Turns out it cost Amazon close to $10 Million to learn this is a bad idea. Kayricka Wortham, an Operations Manager at Amazon and seven others have been charged with stealing $9.4m.

Wortham provided fake vendor information to unknowing subordinates for input into Amazon’s vendor system. Once entered, Wortham approved the fake vendors, enabling them to submit invoices.

Wortham and co-conspirators then submitted fictitious invoices to Amazon claiming the vendors had provided goods and services to Amazon. Wortham approved the invoices, causing Amazon to transfer millions in fraudulent proceeds to bank accounts controlled by her and her co-conspirators.

Wortham was not one to keep a low profile and went on a bit of a shopping spree, acquiring the following:

  • $1 million home in Smyrna, Georgia

  • 2019 Lamborghini Urus

  • 2021 Dodge Durango

  • 2022 Tesla Model X

  • 2018 Porsche Panamera

  • Kawasaki ZX636 motorcycle

The locals must have thought Amazon pays pretty well.

If you think the above actions by Wortham were brazen; while on bail for the Amazon theft, she approached a Franchising Company to open a hookah lounge in Midtown Atlanta.

During due diligence, the Amazon charges were discovered. Wortham claimed the Amazon-related criminal charges had been dismissed. She emailed fraudulent court documents purporting to show dismissal of the charges which contained the forged signature of the Chief U.S. District Judge and forged seals and signatures of the Clerk of the Court.

The Department of Justice and the Secret Service have taken a dim view of Ms. Wortham ingenuity, she was sentenced to 16 years in prison and ordered to pay restitution to Amazon in the amount of $9,469,731.45. Charges are still pending for forging the signature of a federal judge and seal of the Court.

Source: Department of Justice

Would you like a free, no-obligation Cybersecurity Benchmarking of your organization showing where you stand vs. industry-accepted practices? Click here to schedule a time with one of our associates.


bottom of page