June 16 – BUFFALO, N.Y.-U.S. Attorney James P. Kennedy Jr. announced today that David Mondore, 29, of New York, New York, pleaded guilty before Senior U.S. District Judge William M. Skretny to accessing a protected computer without authorization and, by means of such conduct, furthering the intended fraud and obtaining anything of value. The charge carries a maximum penalty of five years in prison and a $250,000 fine.
Assistant U.S. Attorney Charles M. Kruly, who is handling the case, stated that between July 2018 and August 2020, the defendant gained unauthorized access to, and control of, Snapchat accounts belonging to third parties. After doing so, Mondore often located nude “selfie” photos saved in the victims’ “My Eyes Only” folder, which the defendant then saved to his own phone.
After gaining unauthorized access to a victim’s Snapchat account, Mondore typically sent messages from the Snapchat account to the victim’s Snapchat contacts, sending them under the ruse that the first victim needed the second victim’s Snapchat login credentials to access the second victim’s account. After receiving the second victim’s login credentials and gaining unauthorized access to the second victim’s Snapchat account, Mondore sent a text message to the second victim using a smartphone application that allowed him to anonymize his true phone number. The text message purported to be from Snapchat Security and requested—as a way of verifying that the second victim’s Snapchat account had been legitimately accessed—that the second victim send the passcode for his or her “My Eyes Only” folder. After the second victim sent his or her “My Eyes Only” passcode, Mondore could, and did, gain unauthorized access to the second victim’s “My Eyes Only” folder, from which he could locate and save the second victim’s nude photos. After gaining access to the second victim’s Snapchat account, the defendant then repeated this pattern of activity by using the second victim’s Snapchat account to contact, and then gain unauthorized access to, Snapchat accounts belonging to the second victim’s Snapchat contacts.
For example, in December 2019, Victim 1 received a Snapchat message from a Snapchat account belonging to an acquaintance known as Victim 2. The person who contacted Victim 1 from Victim 2’s Snapchat account asked Victim 1 for her Snapchat login credentials so that Victim 2 could use Victim 1’s Snapchat account to verify whether Victim 2 had been “blocked” by another Snapchat user. Victim 1 sent her Snapchat login credentials to Victim 2. Victim 1 then received a text message purporting to be from Snapchat Security, but which was, in reality, sent from the defendant’s smartphone. The text message stated that Victim 1’s Snapchat account had been locked and could only be unlocked if Victim 1 provided the passcode for her “My Eyes Only” folder. After gaining access to Victim 1’s “My Eyes Only” folder, Mondore sent an explicit photo of Victim 1 to 116 of Victim 1’s Snapchat contacts with a caption reading: “Flash me back if we are besties.” Four of Victim 1’s Snapchat contacts responded by sending the defendant explicit photos of themselves.
Mondore gained unauthorized access to Snapchat accounts belonging to 14 victims in the Western District of New York. The defendant admits that he gained unauthorized access to at least 300 Snapchat accounts belonging to victims both in the Western District of New York and elsewhere.
The plea is the result of an investigation by the Federal Bureau of Investigation, under the direction of Special Agent-in-Charge Stephen Belongia.
Sentencing is scheduled for September 29, 2021, before Judge Skretny.
# # # #