The man - one George Samuel Bronk of Citrus Heights, California - allegedly scanned the victims' Facebook accounts for personal information that would allow him to guess the security question needed to reset the password when he initiated the forgotten password process with their e-mail service provider.
Having gained access to the victims' e-mail accounts, he searched the "Sent Mail" folder for compromising pictures and/or videos. Once found, he forwarded them to all the victims' e-mail contacts, and downloaded them to his computer.
For some victims, the embarrassment didn't end here. Once he compromised their e-mail accounts, he again used the forgotten password process to gain access to their Facebook accounts, and posted the pictures to the accounts' photo galleries and comments on the Facebook pages of their "friends".
According to The Sacramento Bee, he even blackmailed one of the victims via chat into sending him more compromising pictures so that he would refrain from divulging the ones he already had in his possession - and the victim complied.
The investigation lasted two months, and involved the Computer Crimes Investigations Unit of the California Highway Patrol and the Connecticut State Police - since the victim who first reported the abuse was from that state. Bronk was finally found when they tied the IP address to his home computer.
A search of his apartment unearthed the pictures and videos of the victims, some 1,100 images and 50 videos of child pornography, and a list of 3,200 e-mail profiles potential victims, so Bronk is looking at charges related to computer intrusion, identity theft, child pornography and extortion.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.