DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

New York City Man Pleads Guilty To Illegally Accessing Hundreds Of Snapchat Accounts And Sending Nude Photos

Posted on June 17, 2021 by Dissent

June 16 – BUFFALO, N.Y.-U.S. Attorney James P. Kennedy Jr. announced today that David Mondore, 29, of New York, New York, pleaded guilty before Senior U.S. District Judge William M. Skretny to accessing a protected computer without authorization and, by means of such conduct, furthering the intended fraud and obtaining anything of value. The charge carries a maximum penalty of five years in prison and a $250,000 fine.

Assistant U.S. Attorney Charles M. Kruly, who is handling the case, stated that between July 2018 and August 2020, the defendant gained unauthorized access to, and control of, Snapchat accounts belonging to third parties. After doing so, Mondore often located nude “selfie” photos saved in the victims’ “My Eyes Only” folder, which the defendant then saved to his own phone.

After gaining unauthorized access to a victim’s Snapchat account, Mondore typically sent messages from the Snapchat account to the victim’s Snapchat contacts, sending them under the ruse that the first victim needed the second victim’s Snapchat login credentials to access the second victim’s account. After receiving the second victim’s login credentials and gaining unauthorized access to the second victim’s Snapchat account, Mondore sent a text message to the second victim using a smartphone application that allowed him to anonymize his true phone number. The text message purported to be from Snapchat Security and requested—as a way of verifying that the second victim’s Snapchat account had been legitimately accessed—that the second victim send the passcode for his or her “My Eyes Only” folder. After the second victim sent his or her “My Eyes Only” passcode, Mondore could, and did, gain unauthorized access to the second victim’s “My Eyes Only” folder, from which he could locate and save the second victim’s nude photos. After gaining access to the second victim’s Snapchat account, the defendant then repeated this pattern of activity by using the second victim’s Snapchat account to contact, and then gain unauthorized access to, Snapchat accounts belonging to the second victim’s Snapchat contacts.

For example, in December 2019, Victim 1 received a Snapchat message from a Snapchat account belonging to an acquaintance known as Victim 2. The person who contacted Victim 1 from Victim 2’s Snapchat account asked Victim 1 for her Snapchat login credentials so that Victim 2 could use Victim 1’s Snapchat account to verify whether Victim 2 had been “blocked” by another Snapchat user. Victim 1 sent her Snapchat login credentials to Victim 2. Victim 1 then received a text message purporting to be from Snapchat Security, but which was, in reality, sent from the defendant’s smartphone. The text message stated that Victim 1’s Snapchat account had been locked and could only be unlocked if Victim 1 provided the passcode for her “My Eyes Only” folder. After gaining access to Victim 1’s “My Eyes Only” folder, Mondore sent an explicit photo of Victim 1 to 116 of Victim 1’s Snapchat contacts with a caption reading: “Flash me back if we are besties.” Four of Victim 1’s Snapchat contacts responded by sending the defendant explicit photos of themselves.

Mondore gained unauthorized access to Snapchat accounts belonging to 14 victims in the Western District of New York. The defendant admits that he gained unauthorized access to at least 300 Snapchat accounts belonging to victims both in the Western District of New York and elsewhere.

The plea is the result of an investigation by the Federal Bureau of Investigation, under the direction of Special Agent-in-Charge Stephen Belongia.

Sentencing is scheduled for September 29, 2021, before Judge Skretny.

# # # #

Source: U.S. Attorney’s Office, Western District of New York


Related:

  • PowerSchool commits to strengthened breach measures following engagement with the Privacy Commissioner of Canada
  • Two more entities have folded after ransomware attacks
  • Global hack on Microsoft product hits U.S., state agencies, researchers say
  • Michigan ‘ATM jackpotting’: Florida men allegedly forced machines to dispense $107K
  • Premier Health Partners issues a press release about a breach two years ago. Why was this needed now?
  • Missouri Adopts New Data Breach Notice Law
Category: HackU.S.

Post navigation

← MS: George County School District hit by cybersecurity attack
Did your risk assessment include what’s in your employees’ email accounts? →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
  • Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot
  • AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
  • Two Data Breaches in Three Years: McKenzie Health
  • Scattered Spider is running a VMware ESXi hacking spree
  • BreachForums — the one that went offline in April — reappears with a new founder/owner
  • Fans React After NASCAR Confirms Ransomware Breach
  • Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack (1)
  • Infinite Services notifying employees and patients of limited ransomware attack
  • The safe place for women to talk wasn’t so safe: hackers leak 13,000 user photos and IDs from the Tea app

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Congress tries to outlaw AI that jacks up prices based on what it knows about you
  • Microsoft’s controversial Recall feature is now blocked by Brave and AdGuard
  • Trump Administration Issues AI Action Plan and Series of AI Executive Orders
  • Indonesia asked to reassess data privacy terms in new U.S. trade deal
  • Meta Denies Tracking Menstrual Data in Flo Health Privacy Trial
  • Wikipedia seeks to shield contributors from UK law targeting online anonymity
  • British government reportedlu set to back down on secret iCloud backdoor after US pressure

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.