He had previously pleaded guilty to nine felony counts that included unauthorized access and damage to protected computers and wiretapping.
He admitted that in period spanning over a year he managed to hack into the aforementioned email accounts by discovering the victims' email addresses, taking advantage of the “Forgot your password?” feature to trigger the mail provider to ask security questions, then trying to answer those questions with publicly available information about the victims in order to gain access.
After succeeding, he would harvest information and documents found in the accounts, then change the account settings to make copies of all emails and attachments received by the victims' be sent to his alias email address.
He admitted that by doing this, he obtained private emails, photographs and documents containing confidential information such as driver’s license information, Social Security numbers, business contracts, and more. He also confessed to having sent some of the stolen photographs to other hackers and gossip sites.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.