from the missed-that-in-the-background-check dept.
Between January 2013 and May 2015, one employee at the U.S. embassy in London hacked into over 400 online accounts belonging to at least 200 victims and forwarded at least 1,300 messages to himself:
Michael Ford, who worked in the American embassy in London, pleaded guilty to nine charges of cyber-stalking, seven of computer hacking to extort and one of wire fraud. He preyed on sorority members at US universities and aspiring models. Ford used the details he learned after hacking the women to find new victims.
The 36-year-old, from Atlanta, in the American state of Georgia, posed as technical support staff from a well-known email company and sent phishing messages to thousands of potential victims. Pretending to be a member of the non-existent account-deletion team, he told them their accounts would be closed unless they sent him their passwords. He then accessed their email and social media accounts in search of explicit photos and other personal information, such as home and work addresses, employment information and details about family members.
He used that information to demand additional sexually explicit material, such as videos of the women undressing in changing rooms at pools and shops. If they refused, Ford would respond with escalating threats that included messages such as: "Don't worry, it's not like I know where you live." He also posted explicit photos of the women online or sent them to friends and family.