Although the investigation focused on 500 devices, the former driver admitted he couldn’t remember how many thousands of devices he stole. | Andrii Zhezhera/Shutterstock
An IT asset disposition employee who admitted to stealing and reselling client devices from federal government agencies was recently sentenced for the crime. Court documents also reveal new details about the scheme, including that it involved thousands of devices that received little to no data destruction, many of which remain unaccounted for.
Nikhil Parekh late last year pleaded guilty to one count of conspiracy to commit an offense against the United States, specifically for selling stolen goods, and the case was announced by the U.S. Attorney’s Office for the District of Columbia in February. While not naming his former employer, the court documents indicated Parekh was a driver for ITAD giant Wisetek — which has since been purchased by Iron Mountain — and worked in the Washington, D.C. area.
From a period between July 2022 and August 2023, Parekh participated in a string of thefts of devices while on the job. He and co-conspirators — some of whom later cooperated with investigators and were not charged — would be deployed to client facilities including government warehouses to retire IT equipment, but they would then sell them to used electronics stores.
The scheme was uncovered when a secondhand electronics resale outlet in Haymarket, Virginia purchased some of the stolen devices in summer 2023, including one device that was still connected to government cloud computing software. Two weeks later, law enforcement showed up at the store and discovered more than 250 government agency devices that were supposed to be destroyed by Wisetek instead being marketed for resale.
On May 6, Parekh was sentenced to one year of probation and ordered to pay about $10,000 in fines and restitution.
Unknown — but likely large — number of devices unaccounted for
There are several striking details in the sentencing documents, in which both the government prosecutors and Parekh’s legal defense make arguments for what would be an appropriate sentence.
Perhaps the most striking is the revelation that, once fired by Wisetek after his thefts were discovered, Parekh continued the scheme with a new employer: “Even after the government contractor fired him from his position upon discovering the scheme, he simply went to a similar ‘e-waste’ company where he essentially engaged in the same conduct that had just resulted in his termination,” the government sentencing memo states.
“Indeed, upon executing a residential search warrant on the defendant’s residence in Maryland in June 2024, agents identified multiple devices that law enforcement confirmed had belonged to various organizations that had contracted with defendant’s then employer to wipe and recycle, but had nevertheless been misappropriated by the defendant,” the memo continues. “In other words, termination and the end of gainful employment did little to deter the defendant in his efforts to exploit gaps in the internal controls of his employers and misappropriate items to sell for his own account.”
The sentencing documents also shed new light on the scope of the thefts, raising questions about whether all of the mismanaged data can truly be accounted for. In fact, the documents indicate there are an unknown but large number of devices that are not accounted for because they entered the resale market long before the scheme was uncovered.
The prosecution noted that the case is focused on holding Parekh accountable for the loss of devices worth up to $10,000. But it adds that “based on how the conspiracy operated, there is ample basis to believe there are greater losses and even more victims.”
Law enforcement intercepted 500 devices from D.C.-area resellers as the investigation went on in summer 2023, but that represents “a mere snapshot” of the full scope of stolen devices, the prosecution wrote.
When investigators interviewed Parekh in 2024, he “had difficult recalling precisely how many thousands of devices he had personally taken during his time with the aforementioned government contractor with which he was employed,” the prosecution wrote.
Parekh told investigators he had begun the theft and resale scheme in mid-2022, and investigators reviewed receipts showing loads of devices that were sold to resale stores during that period. But by the time of the investigation, “such items had long since been pawned off by the re-sellers and could no longer be tracked and identified by law enforcement agents.”
The prosecution highlighted the deeply troubling ramifications of these unaccounted-for devices, especially in light of the lack of data destruction the devices received: “Not only did defendant’s scheme essentially defraud various organizations by having them pay for the destruction and recycling of devices that defendant and his co-conspirators never destroyed, but they also exposed potentially sensitive data from different government agencies by simply re-selling these devices directly on to electronics re-sellers.”
The prosecution referenced text messages between Parekh and an electronics reseller indicating only a small percentage of a given load of devices were totally clean of data.
“If anything, defendant’s text messages reveal a casual disregard of any security and / or privacy risks posed by his selling to-be-destroyed devices to resellers for eventual sale to any end-user,” the prosecution wrote. The resale scheme “resulted in the potential exposure of sensitive data from government and corporate clients of his former employer,” it added.
Parekh’s legal counsel requested a sentence of zero to six months of probation and up to $10,000 in restitution, not far off from where the judge ultimately landed. His counsel referenced Parekh’s cooperation with the investigation, lack of criminal history and willingness to take responsibility for his actions, as arguments for the lesser sentence.