This article was produced in collaboration with Court Watch, an independent outlet that unearths overlooked court records.
The FBI investigated a man who allegedly posed as a police officer in emails and phone calls to trick Verizon to hand over phone data belonging to a specific person that the suspect met on the dating section of porn site xHamster, according to a newly unsealed court record. Despite the relatively unconvincing cover story concocted by the suspect, including the use of a clearly non-government ProtonMail email address, Verizon handed over the victim’s data to the alleged stalker, including their address and phone logs. The stalker then went on to threaten the victim and ended up driving to where he believed the victim lived while armed with a knife, according to the record.
The news is a massive failure by Verizon who did not verify that the data request was fraudulent, and the company potentially put someone’s safety at risk. The news also highlights the now common use of fraudulent emergency data requests (EDRs) or search warrants in the digital underworld, where criminals pretend to be law enforcement officers, fabricate an urgent scenario such as a kidnapping, and then convince telecoms or tech companies to hand over data that should only be accessible through legitimate law enforcement requests. As 404 Media previously reported, some hackers are using compromised government email accounts for this purpose.
“This case does demonstrate the importance of every request being documented and auditable,” Matt Donahue, the founder of Kodex, a company that acts as a buffer between law enforcement and tech giants to verify requests for customer data, told 404 Media in an email. 
Robert Michael Glauner is charged with both stalking and a fraud charge related to “obtaining confidential phone records information of a covered entity,” according to the criminal complaint filed against him in the Eastern District of North Carolina. Glauner allegedly tried to obtain confidential phone records related to a victim named in the court record as MGD.
Glauner met MGD on xHamster around August or September, according to the complaint. The pair had an online romantic relationship, which MGD then ended. Glauner kept trying to contact MGD, and then escalated further towards the end of September, the complaint continues.
It alleges that a part of Verizon called the Version Security Assistance Team–Court Order Compliance Team (or VSAT CCT) received an email from steven1966c@proton.me.
“Here is the pdf file for search warrant,” Glauner, allegedly pretending to be a police detective, wrote in the email. “We are in need if the this [sic] cell phone data as soon as possible to locate and apprehend this suspect. We also need the full name of this Verizon subscriber and the new phone number that has been assigned to her. Thank you.”
The attachment itself says it was written by a “Detective Steven Cooper of the Cary, NC police Department,” and claims that the owner of the phone number was at the scene of a homicide. “Two eye witnesses describe the female suspect as fleeing the scene moments after the crime occurred. Now my superior office and I believe that a member from our police department is compromised by the suspect. And the sheriffs office may be as well.”
Glauner allegedly then wrote “on Friday the 22nd of September the suspect had the Verizon phone number changed,” and asked for “all cell phone data” for the specific number. (FBI Special Agent Michael Neylon who signed the complaint appears to have only redacted the victim’s phone number in some sections and not others; for that reason 404 Media is not publishing the full court record). The warrant is then seemingly signed by a judge.
As the complaint against Glauner notes, this “search warrant” was not correctly formatted and did not include an additional form that is required for search warrants in North Carolina. That, and the Cary Police Department confirmed that no such Steven Cooper is employed with the agency, the document says. The judge who allegedly signed the document, Gale Adams, was shown the document and told investigators the signature was not hers either. Most obviously of all, the document was sent with a ProtonMail email address, which is “not an official government email address,” the complaint says.
About an hour after receiving the email, Verizon’s VSAT CCT received a phone call from someone identifying themselves as the named police officer. “The caller said that he had just received information from a CI (Confidential Informant) that the ‘suspect’ in the homicide case was going to flee to Puerto Rico and requested a rush on delivery of the data,” the complaint continues.
Staggeringly, on October 5, Verizon provided MGD’s phone records, which included their address and “phone logs,” to Glauner, the complaint says. Throughout October, VSAT CCT received other emailed demands for data, as well as more phone calls.
Glauner then allegedly bombarded the victim’s mother with voice messages, trying to contact MGD, and also contacted MGD’s father. Glauner also contacted MGD’s place of work for several days, according to the court record. During the investigation, authorities learned Glauner was already wanted by the San Diego Sheriff’s Office on a stalking charge. In that earlier case, a report said that the victim had “changed her phone number 4 times in the last four months but somehow [Glauner] keeps getting her number.”
Things then escalated further when MGD received a long, threatening text message from Glauner, in which he said he was on his way to North Carolina. “Maybe I should just turn around head to your house and stop at a f***** Walmart or somewhere or I don’t know Dick’s sporting goods what else though the big five and pick me up a f**** rifle and come to your house how’s that sound f*******,” one section of the message read.
Law enforcement then performed surveillance at the address Glauner appeared to be heading to. At around 9 p.m. he arrived, and authorities arrested him shortly after. Glauner was in possession of a “black folding razor blade knife,” the record says. When authorities later searched the Jeep Glauner had driven, they found methamphetamine and two bundles of rope.
Richard Young, a spokesperson for Verizon, told 404 Media in an emailed statement that “We are cooperating with law-enforcement on this matter. Any additional questions should be directed to them.”
The U.S. Attorney’s Office for the Eastern District of North Carolina declined to comment.
Verizon is not the only telecom that has failed to properly verify requests like this. In a somewhat similar case, I spoke to a victim who was stalked after someone posing as a U.S. Marshal tricked T-Mobile into handing over her phone’s location data. T-Mobile “put my life in danger,” Ruth Johnson, the victim, previously told me. John Edens, the man responsible, had a history of stalking and domestic violence.
Update: this piece has been updated to include more information about a previous similar case.
