Arizona man arrested for hacking email accounts at universities

Powell attempted to change the password for 2,054 accounts, succeeding with 1,035 of them. (Representational image)

 Powell attempted to change the password for 2,054 accounts, succeeding with 1,035 of them. (Representational image)

An Arizona man was arrested on Wednesday on charges that he hacked into over 1,000 email accounts for students and others at two universities and tried to do the same at 75 other higher-education institutions throughout the country.

Jonathan Powell, a 29-year-old Phoenix resident, was arrested based on a criminal complaint filed in federal court in Manhattan charging him with fraud in connection with computers, according to prosecutors.

According to the complaint, Powell used password reset tools try to access thousands of email accounts at two universities in New York and Pennsylvania, successfully changing the passwords for 1,050 accounts.

Prosecutors said he went on to compromise social media and other accounts at online services such as Facebook, LinkedIn and Google that were linked to the university email accounts, and mined those accounts for users’ confidential information.

Manhattan US Attorney Preet Bharara said Powell also searched their photos for “potentially embarrassing content.” In one instance, he searched a students’ Gmail account using the key words “naked” and “horny,” the complaint said.

“This case should serve as a wakeup call for universities and educational institutions around the country,” Bharara said in a statement.

A lawyer for Powell could not be immediately identified. He was expected to be presented in a federal court in Phoenix later on Wednesday. Neither Bharara’s office nor the Federal Bureau of Investigation, which investigated the incidents, identified the universities at issue.

The biggest victim appeared to be the unnamed New York university, where since at least October 2015, Powell attempted to change the password for 2,054 accounts, succeeding with 1,035 of them, prosecutors said.

In September, he tried to change email passwords for 220 of the Pennsylvania university’s accounts, succeeding with 15, prosecutors said. He also accessed student directories and login portals for more than 75 other colleges, they said.

loading...

You may also like...