Don’t Cross the Line, You’re Bound to get Caught
Often we receive phone calls with people asking us to do things that either clearly cross the line of what is legal, or push the boundary of what might be considered legal, but not moral. When I have spoken to people like this on the phone, including the rare private investigator, I politely turn them down and let them know that the price they would pay for the case is not worth the price I would pay if I or anyone at Decipher Forensics were caught in such nefarious acts. While we do take part in many amazing cases, we work within the bounds of the law. Do we “know people” yes, yes we do know hackers and they are good people. I have never asked one of them to break the law though. Today so much information can be obtained through proper use of social engineering. When you break the law, you end up getting caught at some point.
Enjoy this example of going too far and getting caught.
This afternoon, Eric Saldarriaga, a private investigator from Astoria, New York, will be sentenced in federal court for his part in a conspiracy to hack into the e-mail accounts of more than 50 individuals as part of his investigations. (He has pled guilty.) Among his victims are two prominent critics of the Church of Scientology, both of whom were recently featured in the book and HBO documentary film Going Clear. Update: Saldarriaga received a sentence of three months imprisonment, three years of supervised probation, and a $1,000 fine—in addition to forfeiture of $5,000 he received in fees for hacking at least one account.
Who were Saldarriaga’s clients? That remains unclear; court documents haven’t revealed it, and the transcripts of his guilty plea are still held by the court awaiting redaction. But both Scientology critics are now convinced that it was the church which set Saldarriaga on them. “There can be no doubt that one of Mr. Saldarriaga’s clients is Scientology,” Mike Rinder, a former Scientology official and one of the victims notified by the US Attorney’s Office, said in a written statement sent to the court.
Ars attempted to get a comment from a church of Scientology spokesperson, but did not receive a response in time for publication. We will update this story if we receive comment.
Here’s how the hacks happened. According to a sentencing letter filed by the US Attorney’s Office for the Southern District of New York, “Between at least 2009 and March 2014, through certain services advertised on the Internet (the ‘Hacking Services’), the defendant hired other individuals to hack into, i.e., to gain unlawful and secret electronic access to, the e-mail accounts of almost 50 different individuals (collectively, the ‘Victims’). For certain victims, the defendant attempted to gain unlawful access to more than one e-mail account. In total, the defendant hired the Hacking Services to attempt to hack into, and provide the defendant with unauthorized access to, at least 60 different e-mail accounts.”
The government has not named the individuals hired by Saldarriaga to perform the mail hacking, but it describes them as “known and unknown”—so cases against them are likely pending. Saldarriaga, who also used the alias “Emmanuela Gelpi” in Internet communications, would contact the “Hacking Services” by e-mail to request the username and password for specific targets’ accounts; when successful, the hackers would e-mail back a screenshot of the targets’ e-mail inbox and demand payment, usually via PayPal. They would then pass along the login credentials for the e-mail account, and Saldarriaga would log in—sometimes to gather information for clients, and sometimes “to investigate individuals in which the defendant was interested for personal reasons,” Assistant US Attorney Daniel Noble wrote in his sentencing memorandum to the court.
The government stated in its sentencing memorandum that Saldarriaga lied to the court in his guilty plea—including lying about having a New York State investigator’s license. The website for his investigative firm, Iona Research Services, Inc. (now just a blank page), previously promoted Saldarriaga’s business as providing “Internet Profiling,” “E-mail Tracing,” and “Computer Security” services. It also used an Investigator’s License number associated with another investigator in Rockland County, New York.
A mysterious client
One of the targeted e-mail accounts belonged to Tony Ortega, executive editor of The Raw Story and former editor of The Village Voice. Ortega, who has written about the Church of Scientology since 1995, has written a book about the church’s campaign against the author Paulette Cooper. In an interview with Ars, Ortega said that he first became aware of Saldarriaga in 2013 when he started receiving read receipts for e-mails sent from an account associated with his Web domain.
Saldarriaga had been sending messages from an account that was set up to look like it belonged to Ortega. The e-mails sent by Saldarriaga used a Point-of-mail account, which allowed him to track when they were read. But he had mistakenly configured his account to send read receipts back to Ortega—as well as to his fake account.
“He screwed up,” said Ortega. “Otherwise I’d have never caught him.”
After tracking the messages back to Saldarriaga in November 2013, Ortega said, “I contacted him and said, ‘What the hell?’ He said that he had been hacked too, and that some other private investigator was using the two of us to investigate some missing persons thing.” Saldarriaga said he believed that both of them were being “punked” by a former client of his.
“I asked him point blank if this was Scientology, and he said no,” Ortega said. Saldarriaga insisted that he “would never work for Scientology.”
After getting assurances from his lawyer—who is also his webmaster—that his website’s server had not been breached, Ortega says he wrote off the whole episode. That is, until recently, when he received a letter from the Justice Department informing him that he had been determined to be a victim of Saldarriaga’s hacking operations. Ortega was given the opportunity to write a “Victim Impact Statement” for Saldiarraga’s sentencing hearing.
Ortega’s attorney, Scott Pilutik, wrote to Peter Brill, the attorney representing Saldarriaga, again asking why Saldarriaga had used Ortega’s e-mail address in an investigation. Brill responded by phone, telling Pilutik that the client was the father of a missing person named Jay Banarjee. He told Pilutik again that there was no connection between the case and the Church of Scientology.
But then Ortega spoke with Mike Rinder, a former international spokesperson for the Church of Scientology who left the group in 2007, and everything changed.
Rinder, who had also acted as a confidential informant to the FBI in a human-trafficking investigation against the church, told Ortega that he had just been notified by the Justice Department that his e-mail had been hacked by some private investigator. Ortega asked him if the investigator was Saldarriaga; Rinder, surprised, replied that it was. So both men filed victim impact statements with the Justice Department, pressing the government to pursue charges against Saldarriaga’s clients—convinced that the Church of Scientology was involved.
In his statement to the court, Rinder wrote:
There can be no doubt that one of Mr. Saldarriaga’s clients is Scientology. One of the other victims of this crime is Tony Ortega, the most prominent journalist in the world exposing Scientology abuses for at least a decade. I spoke with Mr. Ortega yesterday and learned that he received a similar letter to mine. The ONLY thing Tony Ortega and I have in common is that we are at the top of Scientology’s enemies list because we have publicly exposed their abusive practices.
I believe the court would find it helpful to review Mr. Ortega’s victim impact statement in concert with mine, as Mr. Ortega and I have experienced similar surveillance and harassment. Mr. Ortega’s statement also demonstrates that Mr. Saldarriaga lied only weeks ago when he was explicitly asked whether he was working for Scientology.
Scientology may well have used a “cut-out” to hire Mr. Saldarriaga so he can claim ignorance. But following the payments will ultimately go back to Scientology. This should be investigated as this is a pattern of behavior Scientology has gotten away with for too long – while making a mockery of the First Amendment protections they claim as a religion and a falsely obtained tax exempt status. Scientology is violating public policy by hiring people to commit felonies, and that is compounded by the fact they are using tax exempt funds. This sort of criminal behavior should cost them their exempt status under the law – these activities are being subsidized by US taxpayers. This will happen only if the USAO pursues this matter back to the perpetrators. Only then will justice truly be served.
Rinder has some familiarity with that pattern of behavior, as “Mike Rinder used to run these operations,” said Ortega. While with the church of Scientology’s SEA ORG, Rinder has claimed that he was responsible for initiating private investigations against former Scientology members, the family members of church members, and others.
In his victim statement, Ortega told the court, “It is disturbing to me that I have been given no information about the extent of Mr. Saldarriaga’s access to me, and for whom he was working, given that Mr. Brill’s representation on behalf of Mr. Saldarriaga were evidently not truthful. Sentencing Mr. Saldarriaga without pressing him for this information would be as much of a miscarriage of justice as his original crime. Whoever paid Mr. Saldarriaga should be investigated and prosecuted.”
According to filings from the US Attorney’s office, investigators have not yet been able to determine the identities of all of the victims of Saldarriaga’s e-mail incursions. On May 1, Assistant US Attorney Noble filed a request for subpoenas with the court to obtain “basic subscriber information from various service providers for the e-mail accounts the government has identified as being possibly compromised as a result of the defendant’s conduct.”