A domestic security technician admitted Thursday that he secretly had access to the cameras of more than 200 clients, especially attractive women, to spy on while they were undressed, sleeping or having sex, federal prosecutors said.
Telesforo Aviles, a 35-year-old former employee of the security company ADT, admitted that he had secretly accessed customers’ accounts more than 9,600 times, according to a plea explanation submitted to the court .
“This defendant, who is supposed to protect the clients’ homes, has rather succumbed to their most intimate moments,” U.S. Attorney Prerak Shah said in a statement. “We are happy to hold him accountable for this disgusting betrayal of trust.”
While working at ADT, a home security company that provides alarms, cameras and locks, Aviles took note of customer homes where attractive women lived, prosecutors said, and then repeatedly accessed their video streams for sexual gratification.
Aviles’ lawyer did not immediately respond to a request for comment.
The technician violated the company’s policy by dormantly adding his personal email address to ADT Pulse’s accounts, an app that allows remote customers to view the security cameras of their homes.
Sometimes Aviles claimed he had to temporarily add himself to their accounts to test the security system, prosecutors said. In others, he simply added his email to the account without notifying customers.
The federal charges against Aviles were filed against him in October 2020, five months after several ADT customers filed a lawsuit against the company in connection with the security breach.
Florida-based ADT is currently facing three federal lawsuits in connection with the incident. The violation affected 220 customers who lived in Texas.
According to the lawsuits, ADT began notifying customers in April 2020, telling them that one of their employees had about four and a half years of access to customers.
In the court report, one accused claims that between 2017 and 2020, Aviles gained access to the security cameras of her parental home at least 73 times, including her bedroom while she was still a teenager.
In the lawsuit, the woman said ADT “did not implement adequate procedures that would prevent members who do not have households from adding non-household email addresses” to the mobile app.
Another lawsuit alleges that the company “could not monitor consumers’ accounts and alerted them immediately when a new email was added to their accounts.”
The lawsuit also alleges that the flagrant security breach was not discovered by the company, but “by luck and coincidence.”
” A customer reporting a technical issue inadvertently revealed the unwanted third-party access, ” the lawsuit alleges. “But for the event, ADT would be unaware of this intrusive behavior.”
In a statement to BuzzFeed News, an ADT spokesperson said the company reported the incident in April 2020 on its website.
“After learning of the unauthorized access, we immediately took precautionary steps to ensure that it could never happen again, and we made personal contact with each of our 220 customers affected by this incident,” the statement read. .
In the three lawsuits, the customers also alleged that ADT tried to obtain confidentiality agreements when they notified them of the security breach. In one case, a customer said she was offered $ 2,500, as well as credit for monitoring services and upgraded equipment.
When she refused, she claimed the company had increased their offer to $ 50,000.
The ADT spokesman said the company apologized to the people affected and addressed the matter differently with each customer.
“Speaking to our customers and apologizing for what happened, it’s clear that the employee’s abuse of access affects each customer differently,” the spokesman said. “Therefore, we have taken steps to address their problems individually.”
According to court records, ADT dismissed the case, claiming that clients should resolve the dispute privately in arbitration under their contracts.
The three civil cases are still ongoing.
ADT said in a statement that the company was still responding to the lawsuits and had resolved the concerns of most of the 220 clients affected, including those who retained lawyers to address the issue.
“We remain committed to our efforts to resolve all customer concerns,” the statement said.
Meanwhile, Aviles could face up to five years in prison for pleading guilty to computer fraud, prosecutors said.
He was allowed to remain in custody until his sentencing – but in the meantime he is banned from working in a job that gives him access to video security systems.