recommended reading

Ex-State Employee Allegedly Cyberstalked Hundreds of Coeds from Embassy Computer

Gil C/Shutterstock.com

A 36-year-old now ex-State Department employee allegedly hacked into the emails, and sometimes nude photos, of potentially more than 250 coeds nationwide, using a government computer while stationed at the U.S. Embassy in London.

Criminal records checks into Michael C. Ford have since revealed he has a history of voyeurism, according to a criminal complaint filed May 15. 

Authorities found on Ford's embassy computer a chart summarizing the exploitation of many of his alleged victims.

The cyberstalking scheme spanned from early January 2013 through May of this year. During that period, Ford was a civilian employee at the embassy, where he allegedly used his government-issued desktop to hack, harass and extort women.

According to the Justice Department, Ford sent phishing emails from various self-concocted Gmail addresses to lure his victims into sharing their email credentials. Through their hacked email accounts, the suspect looked for means to access their photo storage and photo sharing accounts, where he searched for sexually explicit images.

Ford is accused of then attempting to blackmail the women into shooting graphic photos and videos of other females in gyms, pools and changing rooms, court documents state. 

The email account names on the chart appear to be female and have domain names that end in dot-edu. Several of the account holders seem to attend the same college in Indiana, where they belong to the same sorority.

"This leads me to believe that Ford may be targeting college-aged women throughout the U.S," Diplomatic Security Service Special Agent Eric Kasik said in the complaint. 

The spreadsheet looks as if it may "summarize some of Ford’s more recent criminal activities," Kasik said. “The far left hand column is a list of account names for approximately 250 email addresses . . . In the next column to the immediate right is what appears to be a list of passwords," and then other columns with titles such as "work" and "iCloud."

Under the "work" column, "virtually every email account password listed" has an entry in the "work" column that reads, "y," or shorthand for "yes," Kasik said. The suspicion is that Ford "has tested the password and determined that it 'works' to let him hack into the victim's email account." 

Only two stalking incidents are detailed by authorities in the affidavit. 

In each case, after gaining access to their photos, Ford allegedly emailed the victims under the alias David Anderson, using an email address containing the words "Talent Scout.” In those messages, “Anderson” threatened to publish the explicit images unless they complied with demands.

Ford began working at the embassy in 2009, the same year the "Talent Scout" Google account was created by a machine that was traced to Ford's State-owned computer at the embassy, according to court papers.

In one of the situations depicted, the suspect Jan. 26 emailed an 18-year-old Henderson, Kentucky, female an erotic photo of herself with a message stating, "finally, I found you! What do you think? Nice ass!"

Days later, he emailed the woman, referred to in the complaint as "Jane Doe One" to protect her identity: "I want you to record videos of sexy girls changing. In gyms, clothing stores, pools . ... You do that, and I disappear." If she refused, Ford allegedly said he would post intimate photographs of her online, along with her name and address, as well as email the images to named acquaintances of hers.

A 22-year-old Illinois resident, identified in the indictment as Jane Doe Two, recounted a similar ordeal.

The episode began with a March 20 message signed by the "Gmail Account Deletion Team." The message informed the woman that Google had received a request from her to delete her account. It went on to explain that she could cancel the process by responding to the message with her current password in the body of the reply. 

After the woman provided her password, she and her parents received threatening messages from the "Talent Scout" account. 

The father of the Illinois victim is "a well-known executive of a large, multinational company headquartered in Chicago," according to the complaint, which does not disclose the man's name.  

Sometimes, Ford allegedly stood by his threats and sent graphic photos to victims' families and friends.   

State began investigating Ford around April.

A law enforcement records search later showed a Michael C. Ford, with the same Social Security number, has a criminal arrest for "peeping tom"-like offenses, the affidavit states.

UK authorities also received a complaint in 2013 involving email stalking and harassment traced back to Ford's current address in South Croydon, according to court papers.

Diplomatic Security Service Director Bill A. Miller said in a statement this week, “When a public servant in a position of trust is alleged to have committed a federal felony such as cybercrime, we vigorously investigate such claims.”

The Justice Department and the FBI are assisting with the case. 

U.S. Attorney John Horn added, “This sadistic conduct is all the more disturbing as Ford is alleged to have used the U.S. Embassy in London as a base for his cyberstalking campaign.”

(Image via Gil C/ Shutterstock.com)

Threatwatch Alert

Network intrusion

Pizza Hut Website, Mobile App Burned by Hackers

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov