Former U.S. State Department Employee Sentenced to 57 Months in Extensive Computer Hacking, Cyberstalking and “Sextortion” Scheme
A former U.S. State Department employee was sentenced today to 57 months in prison for perpetrating a widespread, international e-mail phishing, computer hacking and cyberstalking scheme against hundreds of victims in the United States and abroad.
Assistant Attorney General Leslie R. Caldwell of the Justice Department’s Criminal Division, U.S. Attorney John A. Horn of the Northern District of Georgia, Director Bill A. Miller of the U.S. Department of State’s Diplomatic Security Service and Special Agent in Charge J. Britt Johnson of the FBI’s Atlanta Field Office made the announcement.
Michael C. Ford, 36, of Atlanta, was sentenced today by U.S. District Judge Eleanor L. Ross of the Northern District of Georgia. On Dec. 9, 2015, Ford pleaded guilty to nine counts of cyberstalking, seven counts of computer hacking to extort and one count of wire fraud in connection with his ongoing criminal scheme. The names of the victims are being withheld from the public to protect their privacy.
According to the plea document, Ford admitted that between January 2013 and May 2015, while employed by the U.S. Embassy in London, he used various aliases to commit a widespread, international computer hacking, cyberstalking and “sextortion” campaign designed to force victims to provide Ford with personal information as well as sexually explicit videos of others. Ford targeted young females, some of whom were students at U.S. colleges and universities, with a particular focus on members of sororities and aspiring models.
Posing as a member of the fictitious “account deletion team” for a well-known e-mail service provider, Ford sent thousands of phishing e-mails to thousands of potential victims, warning them that their e-mail accounts would be deleted if they did not provide their passwords. Ford admitted he then used the passwords to hack into at least 450 e-mail and social media accounts belonging to at least 200 victims, where he searched for sexually explicit photographs and for victims’ personal identifying information (PII), including their home and work addresses, school and employment information, and names and contact information of family members, among other things. Using both the photos and PII, Ford admitted that he then e-mailed at least 75 victims, threatening to release those photos unless they took and sent him sexually explicit videos of “sexy girls” undressing in changing rooms at pools, gyms and clothing stores.
When the victims refused to comply, threatened to go to the police or begged Ford to leave them alone, Ford escalated his threats, according to the plea agreement. For example, Ford admitted that he wrote in one e-mail “don’t worry, it’s not like I know where you live,” followed by another e-mail with her home address and threatened to post her photographs to an “escort/hooker website” along with her phone number and home address. On several occasions, Ford followed through with his threats, sending his victims’ sexually explicit photographs to family members and friends, according to the plea.
Additionally, at sentencing, the government presented evidence that Ford engaged in a related scheme targeting aspiring models beginning in 2009. Posing as a model scout, Ford convinced young women to send their personal information, to include dates of birth and measurements, as well as topless photos for consideration for fictitious modeling opportunities. During this ruse, Ford obtained topless and partially nude photos from hundreds of women, including several minors. He also attempted to entice a minor to take voyeuristic videos of her peers in her school locker room. Some of his early model-scout victims became the first victims of his charged cyberstalking scheme.
“Michael Ford hacked hundreds of email accounts, particularly targeting young women so he could extort them into sending him sexually explicit images,” said Assistant Attorney General Caldwell. “He preyed on vulnerable victims, leaving them with indelible emotional scars. His sentence is a necessary step in holding him to account for his crimes and helping his victims move forward with their lives.”
“This case unfortunately shows that cyber-stalkers have the ability to torment victims from any corner of the globe,” said U.S. Attorney Horn. “Hopefully, Ford’s victims can be reassured that he will serve a significant sentence for his conduct. Members of the public must be extremely careful about disclosing their logins and passwords to anyone, even when the person on the other end of an e-mail or instant message appears to be legitimate.”
“The Diplomatic Security Service is proud of the hard work of everyone involved in the investigation including our partners at the FBI and the Department of Justice,” said Director Miller. “When a public servant in a position of trust commits crimes like cyberstalking and computer hacking on such a large scale, we will vigorously investigate those crimes and ensure they are brought to justice. We hope that this sentence will provide some closure for the victims.”
“Today’s sentencing of Mr. Ford will not only hold him accountable for his despicable criminal conduct but will also deny him the ability to further victimize others,” said Special Agent in Charge Johnson. “The FBI is proud of the role that it played in bringing this case forward for investigation, apprehension, and federal prosecution and it is hoped that those who were victimized by Mr. Ford will find some relief with this sentencing.”
The Diplomatic Security Service and the FBI investigated the case. Senior Trial Attorney Mona Sedky of the Criminal Division’s Computer Crime and Intellectual Property Section, Trial Attorney Jamie Perry of the Criminal Division’s Human Rights and Special Prosecutions Section and Assistant U.S. Attorney Kamal Ghali of the Northern District of Georgia prosecuted the case. The Criminal Division’s Office of International Affairs and the U.S. Embassy in London provided assistance in this case.