Cyber Threat Actor: Jonathan Powell

The threat actor known by the alias Jonathan Powell is a 29‑year‑old resident of Phoenix, Arizona. He was arrested in October 2015 after a federal complaint alleged he hacked into university email systems. Powell employed password reset mechanisms to gain unauthorized access to student and staff accounts. This led to the compromise of over one thousand email accounts at two institutions.

The primary targets were higher education institutions located in New York and Pennsylvania, with Pace University identified as the New York victim. In addition to the two main universities, Powell attempted to access email systems at roughly seventy‑five other colleges across the United States. His actions included harvesting confidential information from the accounts he gained access to. He also searched the contents of those accounts for potentially embarrassing material using keywords such as “naked” and “horny”.

After gaining entry to the email accounts, he proceeded to compromise linked online services such as Facebook, LinkedIn and Google. This allowed him to mine those associated accounts for additional personal data. No custom malware or exploit toolkits were described in the reporting. His tooling style relied on credential manipulation and the abuse of account recovery functions. Public sources do not associate Powell with any state‑sponsored group or criminal consortium; he acted as an individual offender. The incident described represents his most notable campaign, resulting in charges of fraud in connection with computers. The breach prompted coordination between the affected universities, the Federal Bureau of Investigation and the Manhattan U.S. Attorney’s office. The case was cited by authorities as a warning for educational institutions to strengthen authentication and account recovery processes.