Two men were charged with participating in a “swatting” spree that gained access to a dozen Ring home security door cameras nationwide — including one in West Covina — and placed bogus emergency phone calls designed to elicit an armed police response, then livestreamed the events on social media, federal prosecutors announced Monday.
Kya Christian Nelson, 21, of Racine, Wisconsin, and James Thomas Andrew McCarty, 20, of Charlotte, North Carolina, were each charged last week in Los Angeles federal court with one count of conspiracy to intentionally access computers without authorization. Nelson also was charged with two counts of intentionally accessing without authorization a computer and two counts of aggravated identity theft, according to the U.S. Attorney’s Office.
For one week in November 2020, Nelson and McCarty allegedly gained access to home security door cameras sold by Ring LLC, a home security technology company. They also acquired without authorization the username and password information for Yahoo email accounts belonging to victims throughout the United States, the indictment alleges.
In the West Covina case, Nelson and an accomplice allegedly accessed without authorization Yahoo and Ring accounts belonging to the victim. A hoax telephone call was placed to the West Covina Police Department purporting to originate from the victim’s residence and posing as a minor child reporting her parents drinking and shooting guns inside the residence, court papers allege.
Nelson allegedly also accessed without authorization a Ring doorbell camera, located at the residence of the victim’s parents and linked to the victim’s Ring account, and used it to verbally threaten and taunt West Covina Police officers who responded to the reported incident, according to the indictment.
The series of nationwide swatting incidents prompted the FBI in late 2020 to issue a public service announcement urging users of smart home devices with cameras and voice capabilities to use complex, unique passwords and enable two-factor authentication to help protect against swatting attacks.
If they were to be convicted of the conspiracy charge in the indictment, each defendant would face up to five years in federal prison. The charge of intentionally accessing without authorization a computer carries a maximum possible sentence of five years, and the charge of aggravated identity theft carries a mandatory two-year consecutive sentence, prosecutors noted.