Former State Department Employee Indicted in Computer Hacking and Cyberstalking Scheme
ATLANTA – A federal grand jury has returned an indictment charging former U.S. State Department employee Michael C. Ford has been engaging in a hacking and cyberstalking scheme in which, using stolen passwords, he obtained sexually explicit photographs and other personal information from victims’ email and social media accounts, and threatened to share the photographs and personal information unless the victims provided him with additional explicit photos and videos.
“Ford is alleged to have hacked into hundreds of email accounts and tormented women across the country, by threatening to humiliate them unless they provided him with sexually explicit photos and videos,” said U.S. Attorney John Horn. “This sadistic conduct is all the more disturbing as Ford is alleged to have used the U.S. Embassy in London as a base for his cyberstalking campaign.”
“According to the indictment, Ford hacked into email accounts and extorted sexually explicit images from scores of victims,” said Assistant Attorney General Leslie R. Caldwell of the Justice Department’s Criminal Division. “As these allegations highlight, predators use the Internet to target innocent victims. With the help of victims and our law enforcement partners, we will find those predators and hold them accountable.”
“The Diplomatic Security Service is firmly committed to working with the Department of Justice and our other law enforcement partners to investigate allegations of crime and to bring those who commit these crimes to justice,” said Director Bill A. Miller of the U.S. Department of State’s Diplomatic Security. “When a public servant in a position of trust is alleged to have committed a federal felony such as cybercrime, we vigorously investigate such claims.”
“While the allegations in this case are disturbing, it does illustrate the willingness and commitment of the FBI and its federal partners to aggressively follow those allegations wherever they take us,” said Special Agent in Charge J. Britt Johnson of the FBI’s Atlanta Division. “The FBI will continue to provide significant resources and assets as we address complex cyber-based investigations as seen here.”
According to U.S. Attorney Horn, the charges and other information presented in court: From January 2013 through May 2015, Ford, using various aliases that included “David Anderson” and “John Parsons,” engaged in a computer hacking and “sextortion” campaign to force numerous women to provide him with personal information and sexually explicit photographs and videos. To do so, Ford allegedly posed as a member of the fictitious “account deletion team” for a well-known email service provider and sent notices to thousands of potential victims, including members of college sororities, warning them that their accounts would be deleted if they did not provide their passwords.
Using the passwords collected from this phishing scheme, Ford allegedly hacked into hundreds of email and social media accounts, stole sexually explicit photographs and personal identifying information (PII), and saved both the photographs and PII to his personal repository.
Ford then allegedly emailed the victims and threatened to release the photographs, which were attached to the emails, unless they obtained videos of “sexy girls” undressing in changing rooms at pools, gyms and clothing stores, and then sent the videos to him.
The indictment alleges that, when the victims either refused to comply or begged Ford to leave them alone, Ford responded with additional threats, including by reminding the victims that he knew where they lived. On several occasions, Ford allegedly followed through with his threats by sending sexually explicit photographs to victims’ family members and friends.
During the pendency of the alleged scheme, Ford was a civilian employee at the U.S. Embassy in London, England. He allegedly used his government-issued computer at the U.S. Embassy to conduct the phishing, hacking and cyberstalking activities.
Michael C. Ford, 37, of Atlanta, Georgia, was indicted by a grand jury on August 18, 2015, charging him with nine counts of cyberstalking, seven counts of computer hacking to extort, and one count of wire fraud. The names of the victims are being withheld from the public in order to protect their privacy.
The charges and allegations contained in an indictment are merely accusations. The defendants are presumed innocent unless and until proven guilty.
The case is being investigated by the U.S. Department of State, Diplomatic Security Service and the Federal Bureau of Investigation.
The case is being prosecuted by Assistant U.S. Attorney Kamal Ghali of the Northern District of Georgia, Senior Trial Attorney Mona Sedky of the Criminal Division’s Computer Crime and Intellectual Property Section, and Trial Attorney Jamie Perry of the Criminal Division’s Human Rights and Special Prosecutions Section. Assistance was provided by the Criminal Division’s Office of International Affairs and the U.S. Embassy in London.
Anyone who believes that they are the victim of hacking, cyberstalking, or “sextortion” should contact law enforcement. Resources regarding hacking and other cybercrimes can be found at: https://www.fbi.gov/about-us/investigate/cyber.
For further information please contact the U.S. Attorney’s Public Affairs Office at USAGAN.PressEmails@usdoj.gov or (404) 581-6016. The Internet address for the U.S. Attorney’s Office for the Northern District of Georgia is http://www.justice.gov/usao-ndga.