DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Former State Dept employee sentenced to prison for hacking, cyberstalking and “sextortion” scheme

Posted on March 23, 2016 by Dissent

There’s an update to a previously noted case.

Former U.S. State Department employee Michael C. Ford has been sentenced to four years, and nine months in prison for perpetrating a widespread, international e-mail phishing, computer hacking and cyberstalking scheme against hundreds of victims in the United States and abroad.

“This case unfortunately shows that cyber-stalkers have the ability to torment victims from any corner of the globe,” said U.S. Attorney John A. Horn.  “Hopefully, Ford’s victims can be reassured that he will serve a significant sentence for his conduct.  Members of the public must be extremely careful about disclosing their logins and passwords to anyone, even when the person on the other end of an e-mail or instant message appears to be legitimate.”

“Michael Ford hacked hundreds of email accounts, particularly targeting young women so he could extort them into sending him sexually explicit images,” said Assistant Attorney General Caldwell.  “He preyed on vulnerable victims, leaving them with indelible emotional scars.  His sentence is a necessary step in holding him to account for his crimes and helping his victims move forward with their lives.”

“The sentencing of Mr. Ford will not only hold him accountable for his despicable criminal conduct but will also deny him the ability to further victimize others.  The FBI is proud of the role that it played in bringing this case forward for investigation, apprehension, and federal prosecution and it is hoped that those who were victimized by Mr. Ford will find some relief with this sentencing,” said J. Britt Johnson, Special Agent in Charge, FBI Atlanta Field Office.

“The Diplomatic Security Service is proud of the hard work of everyone involved in the investigation including our partners at the FBI and the Department of Justice.  When a public servant in a position of trust commits crimes like cyberstalking and computer hacking on such a large scale, we will vigorously investigate those crimes and ensure they are brought to justice.  We hope that this sentence will provide some closure for the victims,” said Director Miller.

According to U.S. Attorney Horn, the charges and other information presented in court: Ford admitted that between January 2013 and May 2015, while employed by the U.S. Embassy in London, he used various aliases to commit a widespread, international computer hacking, cyberstalking and “sextortion” campaign designed to force victims to provide Ford with personal information as well as sexually explicit videos of others.  Ford targeted young females, some of whom were students at U.S. colleges and universities, with a particular focus on members of sororities and aspiring models.

Posing as a member of the fictitious “account deletion team” for a well-known e-mail service provider, Ford sent thousands of phishing e-mails to thousands of potential victims, warning them that their e-mail accounts would be deleted if they did not provide their passwords.  Ford admitted he then used the passwords to hack into at least 450 e-mail and social media accounts belonging to at least 200 victims, where he searched for sexually explicit photographs and for victims’ personal identifying information (PII), including their home and work addresses, school and employment information, and names and contact information of family members, among other things.

Using both the photos and PII, Ford admitted that he then e-mailed at least 75 victims, threatening to release those photos unless they took and sent him sexually explicit videos of “sexy girls” undressing in changing rooms at pools, gyms and clothing stores.

When the victims refused to comply, threatened to go to the police or begged Ford to leave them alone, Ford escalated his threats, according to the plea agreement.  For example, Ford admitted that he wrote in one e-mail “don’t worry, it’s not like I know where you live,” followed by another e-mail with her home address and threatened to post her photographs to an “escort/hooker website” along with her phone number and home address.  On several occasions, Ford followed through with his threats, sending his victims’ sexually explicit photographs to family members and friends, according to the plea.

Additionally, at sentencing, the government presented evidence that Ford engaged in a related scheme targeting aspiring models beginning in 2009.  Posing as a model scout, Ford convinced young women to send their personal information, to include dates of birth and measurements, as well as topless photos for consideration for fictitious modeling opportunities.  During this ruse, Ford obtained topless and partially nude photos from hundreds of women, including several minors.  He also attempted to entice a minor to take voyeuristic videos of her peers in her school locker room.  Some of his early model-scout victims became the first victims of his charged cyberstalking scheme.

Michael C. Ford, 36, of Atlanta, was sentenced by U.S. District Judge Eleanor L. Ross of the Northern District of Georgia, to four years and nine months in federal prison, to be followed by three years of supervised release.  On Dec. 9, 2015, Ford pleaded guilty to nine counts of cyberstalking, seven counts of computer hacking to extort and one count of wire fraud in connection with his ongoing criminal scheme.  The names of the victims are being withheld from the public to protect their privacy.

The Diplomatic Security Service and the FBI investigated the case.

The case was prosecuted by Assistant U.S. Attorney Kamal Ghali of the Northern District of Georgia, Senior Trial Attorney Mona Sedky of the Criminal Division’s Computer Crime and Intellectual Property Section, and Trial Attorney Jamie Perry of the Criminal Division’s Human Rights and Special Prosecutions Section.  The Criminal Division’s Office of International Affairs and the U.S. Embassy in London provided assistance in this case.

Anyone who believes that they are the victim of hacking, cyberstalking, or “sextortion” should contact law enforcement.  Resources regarding hacking and other cybercrimes can be found at: https://www.fbi.gov/about-us/investigate/cyber.

 

SOURCE: U.S. Attorney’s Office, Northern District of Georgia

Related posts:

  • Former U.S. State Department Employee Pleads Guilty to Extensive Computer Hacking, Cyberstalking and “Sextortion” Scheme
  • Former U.S. Government Employee Charged in Computer Hacking and Cyber Stalking Scheme
  • Is a vendetta by the FBI keeping an innocent man in jail, or has DOJ just lost its mind altogether?
  • Court dates set in Justin Shafer case
Category: HackU.S.

Post navigation

← Chinese National Pleads Guilty to Conspiring to Hack into U.S. Defense Contractors’ Systems to Steal Sensitive Military Information
Islamic Jihad cyber terrorist indicted for hacking IDF drones over Gaza →

3 thoughts on “Former State Dept employee sentenced to prison for hacking, cyberstalking and “sextortion” scheme”

  1. Billy Rubin says:
    March 24, 2016 at 8:30 am

    How did they catch him? And will this case help catch others?

    1. Dissent says:
      March 24, 2016 at 9:15 am

      According to earlier documents, the majority of his phishing attempts, threats, etc. were done using his work computer. I’m guessing that when a victim came forward, law enforcement was then able to backtrack the IP address to him.

      1. Jordana Ari says:
        March 27, 2016 at 12:35 pm

        If this was all done on a work computer, makes me concerned over security and tracking within the federal government. So much oversee there that this was not stopped before it escalated.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.