A home security technician admitted on Thursday that he secretly accessed the cameras of more than 200 clients, especially attractive women, to spy on while undressing, sleeping or having sex, federal prosecutors said.
Telesforo Aviles, a 35-year-old former employee of security firm ADT, admitted that he secretly accessed clients’ accounts more than 9,600 times in more than four years, according to a plea of guilt presented in court.
“This defendant, charged with protecting clients’ homes, has intruded in his most intimate moments,” said Attorney General Prerak Shah in a statement. “We are happy to hold you accountable for this disgusting betrayal of trust.”
While working for ADT, a home security company that provides alarms, cameras and locks, Aviles noted the homes of clients where attractive women lived, prosecutors said, and then repeatedly gained access to their videos for sexual gratification.
Aviles’ lawyer did not immediately respond to a request for comment.
The technician violated company policies by surreptitiously adding his personal email address to accounts on ADT Pulse, an application that allows customers to remotely check their home security cameras.
Sometimes, Aviles said he needed to temporarily add himself to their accounts to test the security system, prosecutors said. In others, he simply added his email to the account without notifying customers.
Federal charges against Aviles were brought against him in October 2020, five months after several ADT customers filed lawsuits against the company over the breach of security.
Florida-based ADT is currently facing three federal lawsuits related to the incident. The breach affected 220 customers living in Texas.
According to the lawsuits, ADT began notifying customers of the breach in April 2020, telling them that one of its employees had accessed customers’ accounts for about four and a half years.
In the court records, a defendant claims that Aviles accessed the security cameras of her parents’ home at least 73 times between 2017 and 2020, including her bedroom when she was still a teenager.
In the process, the woman said that ADT “has failed to implement proper procedures that would prevent members outside the home from adding email addresses outside the home” to the mobile app.
Another lawsuit alleges that the company “failed to monitor consumers’ accounts and alert them immediately whenever a new email was added to their accounts”.
The suit also claims that the flagrant breach of security was not discovered by the company, but “by chance and luck”.
“A customer, reporting a technical problem, inadvertently revealed unwanted access by third parties,” says the process. “But for this event, ADT would not be aware of this invasive conduct.”
In a statement to BuzzFeed News, an ADT spokesman said the company reported the incident in April 2020 on its website.
“After we learn about unauthorized access, we immediately take preventive measures to ensure that it never happens again and we personally contact each of our 220 customers who were affected by this incident,” says the statement.
In all three cases, customers also claimed that ADT attempted to obtain confidentiality agreements by notifying them of the security breach. In one case, a customer said he received $ 2,500, as well as credit for monitoring services and upgraded equipment.
When she refused, she claimed that the company increased its offer to $ 50,000.
The ADT spokesman said the company apologized to the people who were affected and addressed the issue differently with each customer.
“When speaking to our customers and apologizing for what happened, it is clear that the employee’s abuse of access affected each customer differently,” said the spokesman. “Therefore, we take steps to address your concerns individually.”
According to the case file, ADT moved to close the lawsuit, claiming that, according to its contracts, clients are required to resolve the dispute privately in the arbitration.
The three civil suits are still ongoing.
ADT in a statement said the company continued to respond to the lawsuits and resolved the concerns of most of the 220 affected clients, including those who hired lawyers to handle the matter.
“We remain committed to our efforts to address all concerns of affected customers,” said the statement.
In the meantime, Aviles faces up to five years in prison for pleading guilty to computer fraud, prosecutors said.
He was allowed to remain out of custody until his sentence – but in the meantime, he is banned from working in a job that gives him access to video security systems.