LOS ANGELES – A Los Angeles man who had worked as a NASA contractor pleaded guilty this afternoon to federal charges of hacking into email and social media accounts to obtain nude photographs of women and then threatening to publish the nude photos unless victims provided him with additional explicit pictures, the U.S. Attorney’s Office announced.
Richard Gregory Bauer, 28, a former contractor at NASA Armstrong Flight Research Center, pleaded guilty to three charges – stalking, computer hacking and aggravated identity theft.
Bauer, who used aliases that included “Steve Smith,” “John Smith,” and “Garret,” pleaded guilty before United States District Judge John F. Walter, who scheduled a sentencing hearing for December 17.
Bauer, who currently resides in the Mid-Wilshire District of Los Angeles, and who recently lived in the High Desert communities of Palmdale and Lancaster, admitted in court that he obtained unauthorized access to victims’ online accounts and threatened the women starting in early 2015 and continuing through early 2018.
In a plea agreement filed in United States District Court, Bauer acknowledged that he sent victims anonymous online messages threatening to disseminate nude pictures if they did not send additional photographs of themselves. In some cases, but not all, Bauer had explicit photographs in his possession. Bauer knew all of his victims, who were friends, family, acquaintances from high school and college, co-workers, and friends of friends.
Bauer hacked into the victims’ online accounts in two ways. In some cases, Bauer, using his true identity, contacted victims on Facebook and posed a series of questions, purportedly as part of a project he was working on for his “human societies class.” Some of the questions included typical questions used to reset online passwords, such as the name of your first pet or the city where your parents met. Armed with that information, Bauer reset passwords to gain access to his victims’ online accounts, primarily cloud-based iPhone backups, from which he harvested photographs, videos and documents containing passwords for other accounts.
In other instances, again using his true identity, Bauer convinced victims to install malware that he claimed was software that he needed help testing. The malware gave Bauer unauthorized access to the computers, and allowed him, among other things, to capture from the victims’ computers passwords for web sites and e-mail accounts.
As a result of today’s guilty pleas, Bauer faces a statutory maximum sentence of five years in federal prison for the stalking and computer hacking counts. The aggravated identity theft count carries a two-year, consecutive prison term.