Kentucky man sentenced to 81 months in prison for faking his own death through cyber fraud

According to the Department of Health and Human Services, delinquent parents across America are responsible for more than $113 billion in unpaid child support. Few of these offenders have likely tried as hard to meet their obligations as Kentucky native Jesse Kipf.

According to the Justice Department and court documents, starting in January 2023, Kipf began using stolen online credentials from several doctors living in other states to access the death registration systems of the states of Hawaii, Arizona and Vermont and issue death certificates for himself.

According to investigators, a primary motive for the crime was to evade more than $116,000 in child support payments to his ex-wife.

“This scheme was a cynical and destructive attempt, based in part on the inexcusable goal of evading his child support obligations,” Carlton S. Shier IV, U.S. Attorney for the Eastern District of Kentucky, said in a statement.

By using a doctor's credentials, Kipf was able to identify himself as a medical examiner who would confirm his own “death.” He also created a false social security number, and authorities searched his electronic devices and found a wealth of information online about how to avoid paying child support in the state of California.

Kipf was sentenced to 81 months in federal prison and ordered to pay a total of $195,758 to his ex-wife, government and business victims. Authorities also seized his remaining stolen online accounts, as well as nine digital storage devices, an HP ENVY laptop and seven smartphones used in the criminal scheme.

The settlement puts collective damages for government and corporate networks at just under $80,000.

In addition to breaking into three state death registration systems, the indictment also accuses Kipf of using stolen credentials to gain access to the systems of two companies – Milestone Inc. and GuestTek Interactive Entertainment – described by federal authorities as suppliers to “major hotel chains.” Kipf later sold access to the state and corporate databases on the dark web.

These credentials would have given Kipf and potential buyers access to death certificates and customer data of “potentially thousands of individuals,” prompting authorities to ask the court for alternative ways to notify all identified victims via a website created by the agency. According to a ruling memorandum, Kipf sold at least one of the two stolen company databases to Russian buyers.

Kipf was taken into custody by federal authorities on November 8, 2023 and initially pleaded not guilty to five counts of computer fraud, three counts of aggravated identity theft, and two counts of making false applications to a federally insured financial institution.

But by late December, his lawyers were actively negotiating a deal with the government, and in March authorities dropped eight of the 10 charges because Kipf pleaded guilty to aggravated identity theft and computer fraud.

In his sentencing memo, Shier called Kipf a “serial hacker” with a history of crimes in multiple states, including criminal possession of financial transaction equipment, assault, destruction of government property and theft of credit card numbers, which he used to file charges with food delivery services such as DoorDash.

The intrusions into government and private networks caused tens of thousands of dollars in damage and had “unforeseeable consequences” for the restoration of the networks and for the victims, Shier claimed.

Kipf admitted to possessing databases of personal information, including social security numbers, birth dates and medical records, which he sold to international buyers in Algeria, Russia and Ukraine. After his arrest in Pulaski County, Kentucky, on other credit card theft charges, Kipf reportedly told police he had “not held any legal employment for the past five years and had been selling identities to make money.”

“The careless handling of personal identification information from a 'database' full of real people shows a complete disregard for the people he exploits,” Shier wrote.

GuestTek, based in Alberta, Canada, describes itself as a technology integrator for the hotel industry, offering event services, software installation, service and support, data reporting, and Internet and Wi-Fi services. The company says it has 3,900 hotels as clients, including Four Seasons, Hyatt, Marriott, Omni, Trump Hotels, Wyndham and other major brands.

Milestone sells digital website design and advertising, as well as SEO and analytics services. Clients listed on the website include Marriott Bonvoy, Hotel DuPont, Motel 6, automaker Nissan, and banks, credit unions and financial institutions.

Calls to GuestTek's Alberta corporate office seeking comment went to an automated voice message system that hangs up when a caller tries to leave a message. A message sent through LinkedIn to Matthew Baio, GuestTek's managing director for the Americas, received no immediate response.

A voice message left with Milestone Inc. seeking comment was not immediately returned.