Geoffrey S. Berman, the United States Attorney for the Southern District of New York, announced that Jonathan Powell was condemned yesterday to 6 months in jail for mechanism rascal in tie with his scheme to obtain unapproved entrance to some-more than 1,000 email accounts confirmed by a New York City-area university in sequence to download sexually pithy photos and videos. Powell formerly pled guilty to the charge on Aug 9, 2017.
U.S. Attorney Geoffrey S. Berman said: “Jonathan Powell used his mechanism skills to crack the confidence of a university to benefit entrance to their students’ personal accounts. Once Powell had access, he searched the accounts for compromising photos and videos. No college tyro should have to fear that personal, private information could be mined by strangers for potentially compromising material.”
According to the allegations in the Information to which Powell pled guilty, a rapist censure filed against Powell and other filings done in the case, and statements done during the defence and other record in the case:
From Oct 2015 up to Sep 2016, Powell obtained unapproved entrance to email accounts hosted by a U.S.-based university, which has its primary campus in New York, New York (“University-1”). Powell obtained unapproved entrance to these accounts by accessing the cue reset application confirmed by the email servers at University-1, which was designed to concede certified users to reset lost passwords to accounts. Powell employed the cue reset application to change the email comment passwords of students and others dependent with University-1. Once Powell gained entrance to the compromised email accounts (the “Compromised Accounts”), he obtained unapproved entrance to other password-protected email, social media, and online accounts to which the Compromised Accounts were registered, including, but not singular to, Apple iCloud, Facebook, Google, LinkedIn, and Yahoo! accounts.
Specifically, using the Compromised Accounts, Powell requested cue resets for related accounts hosted by those websites (the “Linked Accounts”), ensuing in cue reset emails being sent to the Compromised Accounts, which allowed Powell to change the passwords for the Linked Accounts. Powell then logged into the Linked Accounts and searched within the Linked Accounts, gaining entrance to private and trusted calm stored in the Linked Accounts. In one instance, Powell searched a University-1 student’s related Gmail comment for digital photographs and for several licentious terms. The Government’s review eventually suggested that Powell accessed the Compromised and Linked Accounts in sequence to download sexually pithy photographs and videos of college-aged women.
An research of University-1 cue reset application logs and other information suggested that Powell accessed the University-1 cue reset application approximately 18,640 opposite times between Oct 2015 and Sep 2016. During that time, Powell attempted approximately 18,600 cue changes in tie with approximately 2,054 singular University-1 email accounts, and succeeded in making approximately 1,378 cue changes in tie with approximately 1,035 singular University-1 email accounts, in some cases compromising the same email comment mixed times.
Additional review suggested that Powell had also compromised 15 email accounts hosted by a second university located in Pennsylvania. In a post-arrest matter done to questioning agents, Powell additionally certified to compromising email accounts at several other educational institutions located in Arizona, Florida, Ohio, and Texas.
* * *
In further to the jail term, Powell, 30, Phoenix, Arizona, was condemned to two years of supervised recover and systematic to compensate $278,855 in restitution.