Home security technician admits hacking customers' security cameras
He added his email to people's accounts and watched their video feeds.
A former ADT security company employee has admitted to breaking into the cameras he installed in users’ homes in the Dallas area to watch their private moments. Telesforo Aviles has pleaded guilty to computer fraud and now faces up to five years in federal prison. According to the Department of Justice, Aviles has admitted that he would take note of the homes of women he deemed attractive to log into their accounts and view feed from their cameras for sexual gratification.
He was able to access customers’ footage by adding his email addresses to their “ADT Pulse” accounts. Aviles added his address without their knowledge at times, though there were also times when he told them he needed temporary access to their accounts for testing purposes. In his plea papers, he said he accessed over 200 customers’ accounts more than 9,600 times over the course of four-and-a-half years. He also admitted to watching video feeds of naked women and couples engaging in sexual activities.
FBI Dallas Special Agent in Charge Matthew J. DeSarno said in a statement:
“The defendant used his position of employment to illegally breach the privacy of numerous people. The FBI works with our law enforcement partners to thoroughly investigate all cyber intrusions and hold criminals accountable for their actions. Cyber intrusions do not only affect businesses, but also members of the public. We encourage everyone to practice cyber hygiene with all their connected devices by reviewing authorized users and routinely changing passwords. If you become the victim of a cybercrime, please contact the FBI through ic3.gov or 1-800-CALL FBI.”
ADT has been updating a page about the situation over the past months. In its first statement from April, the company said a customer notified it about an unauthorized email on their account. “As soon as we discovered this, the unauthorized access was revoked, and the employee was terminated. We also reported him to law enforcement,” ADT wrote at the time.
As Ars Technica notes, ADT is now dealing with several lawsuits over what issue, one of which is a proposed class action filed on behalf of minors living in the homes Aviles hacked into. BuzzFeed News also reports that the plaintiffs in three lawsuits said ADT tried to offer them confidentiality agreements when they were notified of the security breach.
