Cybercrime , Fraud Management & Cybercrime

How An Ex-IRS Contractor Covertly Leaked Trump’s Tax Returns

Prosecutors Say Charles Littlejohn Developed 'Detailed Plan' to Evade Detection
How An Ex-IRS Contractor Covertly Leaked Trump’s Tax Returns
A federal judge sentenced ex-IRS contractor Charles Littlejohn to five years in prison. (Image: Shutterstock)

A man sentenced to five years in prison for leaking Donald Trump's tax returns developed a "sophisticated, detailed plan" to evade detection by law enforcement while secretly downloading the former president's data from an Internal Revenue Service database, according to court filings.

See Also: OnDemand | Understanding Human Behavior: Tackling Retail's ATO & Fraud Prevention Challenge

Charles Littlejohn said at his Monday sentencing that he had "acted out of a sincere misguided belief" and was "aware of the potential consequences" he would face after stealing Trump's tax returns and leaking the information to multiple news outlets. Littlejohn, who previously worked at a consulting firm with IRS contracts, stole sensitive tax data belonging to "thousands of the nation's wealthiest people," according to his plea agreement.

Prosecutors alleged that Littlejohn had sought to avoid detection by IRS protocols triggered by large downloads or uploads from tax agency systems. Prosecutors said he "exploited a loophole" by uploading stolen tax return information to a private website he controlled, later downloading the information on his personal computer. He configured an Apple iPod as a personal hard drive to house the stolen tax data.

Littlejohn also took steps to avoid detection of his search for the former president's returns, avoiding obvious queries such as Trump's name. He instead used "more generalized parameters," the prosecutors alleged.

They said Littlejohn joined the IRS contractor firm in 2017 "with the goal of getting access to taxpayer information" on Trump, all the while "plotting and calculating carefully at each step to minimize the risk of detection." He then waited until November 2018 to upload the returns to his private website and began disclosing the information to news outlets a year later.

Eventually, the prosecutors said, Littlejohn's "criminal objectives expanded," and in 2020 he began accessing and disclosing IRS data associated with thousands of wealthy individuals.

Littlejohn used two virtual machines that prosecutors described as "essentially simulated versions of physical computers" in order to conceal his activities, uploading the IRS data to his personal site through the digital devices rather than his own personal systems. He then sent the troves of data to a news organization "by mailing it on a password-protected personal data storage device," according to his plea agreement, and later provided a journalist at the outlet with the device's password.

U.S. District Judge Ana Reyes decried Littlejohn's actions while sentencing him to the maximum 60-month sentence Monday. She described his crime as "the biggest heist in IRS history" and compared it to the deadly Jan. 6 insurrection.

"What you did in attacking the sitting president of the United States was an attack on our constitutional democracy," Reyes said. She reportedly added, "It engenders the same fear that Jan. 6 does."


About the Author

Chris Riotta

Chris Riotta

Managing Editor, GovInfoSecurity

Riotta is a journalist based in Washington, D.C. He earned his master's degree from the Columbia University Graduate School of Journalism, where he served as 2021 class president. His reporting has appeared in NBC News, Nextgov/FCW, Newsweek Magazine, The Independent and more.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.