The playbook was simple. Purchase legitimate medical supply companies enrolled in Medicare and use them as shells to submit a flood of bogus claims for durable medical equipment. The scheme didn’t need phony patients. The stolen identities of a million people were used to submit claims under real names. But two years of tracking by a top secret law enforcement operation has now culminated in the exposure of the largest health care fraud and money laundering scheme in American history.

1. Introduction

On June 30. 2025, the United States Attorney’s Office, Eastern District of New York, in Brooklyn, New York, announced that fifteen individuals, including two pharmacists, were charged for their participation in schemes in which the Medicare and Medicaid programs were fraudulently billed $10.6 billion. In one case, dubbed Operation Gold Rush, eleven members of an alleged transnational organization based in Russia “allegedly orchestrated a multi-billion-dollar health care fraud and money laundering scheme to steal from the Medicare program and private health insurance companies.” (here) The indictment, filed in the U.S. District Court, Eastern District of New York, is part of the National Health Care Fraud Takedown, a coordinated law enforcement action across the United States spearheaded by the federal Department of Justice. (here)

2. Background

Reporting for The New York Times, Santul Nerkar described the fraud as “among the largest such schemes in [Medicare’s] history.” (here) The defendants include citizens of the United States, Estonia and the Czech Republic who worked for an organization based in Russia. They allegedly bought dozens of companies that were accredited to submit claims to Medicare and the program’s supplemental insurers. Using personal information stolen from more than a million Americans, the defendants filed billions of dollars in fake claims for equipment that had not been ordered by people enrolled in Medicare. The fraud was uncovered when numerous people reported receiving an explanation of benefits for equipment they had never requested or received. (here) Of the $10.6 billion that was fraudulently billed, the indictment claims the defendants collected more than $900 million.

3. Operation Gold Rush

The schemes charged as part of the takedown involve four indictments and one information. The U.S. Attorney’s Office described Operation Gold Rush as “the largest health care fraud case by loss amount ever charged by the Department of Justice.” The indictment claims that the Russia-based transnational criminal organization orchestrated a fraud and money laundering scheme “to target, exploit, and steal from the Medicare program” in excess of $10 billion in fraudulent claims for durable medical equipment or “DME”. The organization purchased dozens of “Scheme DME Companies” from prior legitimate owners that had the ability to submit claims. The organization executed these purchases by paying foreign nationals and others to serve as nominee owners of the companies. Fictitious corporate records were then created falsely indicating that the nominee owners controlled the companies. The implementation of the fraud and money laundering scheme is described in the indictment as follows:

• After the organization gained control over the Scheme DME Companies, it rapidly submitted billions of dollars in false and fraudulent health care claims to Medicare for DME that it did not provide. The Organization did so by stealing the identities and personal identifying information of more that one million Americans spanning all 50 states, including elderly and disabled Americans. Hundreds of thousands of Americans reported their concerns to Medicare and its contractors after receiving explanation of benefit forms that reflected them purportedly receiving DME that they did not in fact receive, that was purportedly prescribed by doctors whom they had never visited, and purportedly delivered from DME companies with which they were unfamiliar. (cl. 3)
• [T]he Organization also exploited the United States’ financial system. Medicare and Medicare Supplemental Insurers paid the Scheme DME Companies not only by wire transfer, but also by paper check [sic]. In such instances, the Organization needed to convert these checks [sic] to fungible money to realize its substantial fraudulent profits and to transport the money abroad. To effectuate this, the Organization leveraged United States financial institutions in order to deposit the checks [sic] and transfer the funds […]. The health care fraud proceeds were particularly susceptible to laundering because they originated from legitimate sources […]. (cl. 4)
• To gain access to the United States’ financial system, the Organization deployed a range of tactics to circumvent the anti-money laundering controls at multiple financial institutions. To open financial accounts, the Organization armed its nominee owners […] with false sale documentation and false corporate registration documents [allowing it] to remain hidden but able to profit from the Scheme. Moreover, the use of the Scheme DME Companies’ names to open financial accounts allowed the Organization to benefit from the illusion of legitimate commercial activity within the health care market. Upon opening the financial accounts, the Organization funneled fraud proceeds from Medicare and other legitimate health care insurers into the accounts as seemingly “clean” money. From there, the Organization siphoned off the funds to shell companies and various banks overseas, including banks in China, Singapore, Pakistan, Israel, and Turkey. To further conceal the trail of money, the Organization used cryptocurrency to launder stolen funds. (cl. 5-6)
• The Organization constantly evolved, recruiting new nominee owners, stealing new identities, and acquiring new Scheme DME Companies to replace those shut down by law enforcement. This evolution was made possible through the Organization’s extensive use of virtual private servers (“VPSs”) to execute nearly all digital aspects of the Scheme. The VPSs allowed the Organization to use a cyberinfrastructure that helped conceal conspirators’ true physical locations, mask Organization IP addresses, and scale fraudulent operations internationally. Among other things, the Organization used the VPSs to communicate via email with prospective sellers of Scheme DME Companies and their brokers; access electronic medical records and bank accounts; and sign documents necessary for the purchase of the Scheme DME Companies. The Organization also routinely engaged in communications with nominee owners, employees, and others through encrypted messaging platforms. (cl. 7)

The indictment specifically asserts that the defendant, Imam Nakhmatullaev, was a “supervisory member” of the organization based in Russia. He allegedly directed and supervised other members of the organization operating in the United States. In total, the defendants owned or controlled Scheme DME Companies in the New York City boroughs of Brooklyn and Staten Island, and in ten other states including Florida, Illinois and California. The co-conspirators allegedly operated a total of nineteen Scheme DME Companies in the United States and caused the submission of approximately $10.6 billion in false claims to Medicare. Medicare paid the companies approximately $41 million and its supplemental insurers are estimated to have paid the companies approximately $900 million.

4. Conclusion

The eye-popping numbers increase when Operation Gold Rush is considered in the context of the broader crackdown. Federal and state prosecutors have charged more than 320 people and uncovered approximately $15 billion in total false claims. Law enforcement seized more than $245 million in cash, luxury vehicles, cryptocurrency and other assets. In an article titled Inside Operation Gold Rush: How a transnational criminal network exploited the U.S. health care system out of $14.6 billion published by Fortune on June 30,2025, Alanna Durkin Richer said the takedown involves “nearly 190 federal cases and more than 90 state cases” that have been charged or unsealed since June 9, 2025, including charges against twenty-five physicians. (here) The sprawling scope of the scheme highlights the apparent ease with which foreign actors exploited the security of the U.S. health care infrastructure and represents a significant breach of a health insurance program designed for the elderly and disabled.