Chapters
Shownotes Transcript
This episode is brought to you by Shopify. Forget the frustration of picking commerce platforms when you switch your business to Shopify, the global commerce platform that supercharges your selling wherever you sell. With Shopify, you'll harness the same intuitive features, trusted apps, and powerful analytics used by the world's leading brands. Sign up today for your $1 per month trial period at shopify.com slash tech, all lowercase. That's shopify.com slash tech.
There have been many studies into the different types of music fans. Basically, they can be broken down into four types. At the bottom of the pyramid are people who aren't fans of your music at all. They don't like you or don't care about you and may not even know who you are. So for the purposes of this discussion, they don't matter because they don't care.
The next level are casual fans. They sort of like you or your music, but they can take or leave whatever it is that you're selling. They have zero investment in your career. If your music comes on, they might listen. Going up another level, we have true fans. They love you enough that they will spend money on you. They'll stream your music faithfully, buy physical product like CDs or vinyl from time to time. They probably own a t-shirt or two and will go to your shows and have a very good time.
At the very top of this pyramid are the superfans. Superfans love, love, love you. They're evangelists. They follow your every move. They buy everything. They'll get involved and donate to your charitable causes. And they will go to all of the shows. They may total maybe 10% of your total fan base.
But they are the source of the majority of your income, like 60, 70, even 80%. They are at the top of the fan pyramid. From there, though, we can cross over to the dark side. And this is where we find the fantasists, the deluded, the obsessed, the trolls, and frankly, the insane. They are dangerous people, a threat to you and the people around you. And they show up when you least expect it.
And if they break into your online world, well, that's a whole new level of terror. I'm Alan Cross, and have I got a story for you. This is Uncharted, Crime and Mayhem in the Music Industry, Episode 7, The Linkin Park Cyberstalker. On this edition of Uncharted, we're going to look at the most dangerous kind of fan, the super obsessed.
This obsession can be driven by misguided love or murderous hate. These people live in a land of fiction, illusion, and make-believe. Contact with them is unwanted and sometimes very, very dangerous. According to the professionals who study such things, 2% of all men and 8% of all women will be stalked to some degree at some point in their lives.
Stalkers can be broken down into three broad categories. The first is known as intimates. They are former partners who refuse to accept that a relationship is over. The second type is known as delusionals. These people usually suffer from some kind of mental illness that has them believe that for some reason, one that seems very logical to them, that they need to be in contact with the target of their obsession. Delusionals can be reasonably benign,
Take the case of Slipknot. You'd expect that such an extreme band would have some extreme fans, and they do. An example would be a Dutch Slipknot fan, a real apostle known as Crazy White Sean. On Valentine's Day, when Slipknot was playing a show in Amsterdam, Crazy White Sean showed up with a gift. Inside a big Valentine's Day box was the heart of a cow. This was gross, but Slipknot had actually seen this before. One fan had presented them with an actual human femur.
No idea where he got it. Something a little more threatening was a series of fan letters Trent Reznor once received back in the 1990s. They were all written in human blood. Again, disturbing and weird, but that demonstration of devotion never escalated beyond that. The third type of stalker are the vengefuls. They believe that their target has somehow wronged them and that the person needs to be punished in some way. The Linkin Park cyber-stalking crisis
never turned into anything physically dangerous. But it does involve the issue of identity theft of a rock star. And it ultimately led to a national security crisis involving a facility that produced the technologies for America's nuclear arsenal. Identity theft is a growing problem.
If someone gains control of your identity, they can wreak some serious chaos in your life and finances. They can, for example, empty your bank account, acquire the deed to your house, take out credit cards in your name, post damaging things that become attached to you, and so on. Making it stop can take months and thousands of dollars. And then it takes even longer to repair the damage that was done. This story shows that it can happen to anyone. ♪ Didn't you say I'm stuck, what can I get? ♪
I need a little room to breathe. I'm about to break, but the answer is I'm so clear. Lincoln Park has an amazing management team around them. When I was dealing with them in the early 2010s, I spoke to several people who were in charge of the band's online presence. They were smart, way ahead of what most acts were doing at the time with things like social media and online fan engagement. They were also very conscious of the need for security.
But the online world of Linkin Park wasn't always as secure as it is today. We might be able to trace things back to the spring of 2006. In late March of that year, Linkin Park vocalist Chester Bennington had his cell phone hacked. This was in the era before the iPhone and other smartphones. It was also before things like two-factor authentication, facial recognition, reminders for strong passwords, and all the other things that we do today.
Chester and his wife, Talinda, were plunged into a cybersecurity nightmare that went far beyond just a hacked phone. It was a situation that affected America's national security apparatus and, like I said, involved its nuclear arsenal. I'm not making this up. You heard that right. It all began when Talinda opened an email from an address she didn't recognize. It read, I'm very happy for you and Chester. Also in the email was a link to a website run by Chester's ex-wife, Samantha, which
Well, that's strange, but Talinda thought it was just another troll. When you're a rock star, or their partner, you come to expect this sort of thing. On April 6th, this would be a couple of weeks later, the couple heard from a male friend, someone who had dated Talinda in the past, that he'd had a similar sort of email. One from the address informant4u at yahoo.com. This one was more sinister.
The fax in the email should have been private and known only to Chester, to Linda, and a close circle of friends and associates. This was followed by another email sent directly to Linda when Chester was out of town with the band. I know you're going through a hard time being alone, it said. My thoughts and prayers are with you. Creepy. And it certainly intimated that this person somehow had access to Chester's work schedule.
The emails didn't end there. They kept coming throughout the spring of 2006, each time letting both Chester and Talinda know that their personal lives had been compromised. And then the phone calls started. Chester's mobile would ring in the middle of the night, usually between 4 and 4.30 a.m. But when he answered it, no one was there. Eventually, he checked the caller ID and called that number. A switchboard operator somewhere in New Mexico answered.
She was no help because she had no idea which extension the call originated from. So Chester just hung up in frustration. A few nights after that, Chester's cell phone rang again. And this time, Talinda answered. A female voice said, I'm watching you, whore. This time there was no caller ID. It had been blocked. Talinda's friends started emailing. Apparently, they were receiving strange messages from her detailing things that Talinda would not write. I didn't send any of those messages, she said.
They'd all come from a Yahoo account that she'd stopped using months ago. Back then, Linkin Park had a head of security. His name was Bruce Thompson. And he got an email that was supposed to be from Talinda. It read, Hi, Bruce. Do we have an email for Samantha? Remember, that was Chester's ex-wife. Strange emails from fan sources have been received, it read. They seem to know a lot of information. Now, to Bruce, this looked like Talinda was sending him a message about Chester's ex-wife.
But it wasn't. It was from this mystery cyber stalker. The emails from the informant Yahoo account kept coming. Each contained information about the Benningtons that should have been very private, right down to a child custody issue that they were having. Things were now beyond creepy. A little later, Talinda tried to log on to the couple's eBay account, but she couldn't get in because someone had changed the password. They got a notification from PayPal that someone had tried to change the password on that account. What was going on?
Then, in August 2006, Chester got an email from his cell phone provider confirming that he had successfully changed his password on his account. But he hadn't. He had chosen to receive bills in the mail and not online. He didn't even have online account management with his cell phone provider. Somebody created that account and then changed his password. He changed it back. And then someone changed it again. He tried a second time. Same result.
Someone had somehow gained control over the password for Chester's phone. When they logged on, they found something written in the field where the password should have been. It read, Who is doing this to you? The Benningtons were completely freaked out.
They had to find this person and stop them from intruding even further into their lives and taking more of their identities. They called local authorities, but they claimed they couldn't do anything unless someone actually got hurt, so they were no help. This was getting seriously frightening. Chester and Talinda were always looking over their shoulders. Were they in physical danger? What was this person capable of doing? And if the cops weren't going to help, what were they supposed to do? Fortunately for them, they found the right guy.
And when he got on the case, what he uncovered was completely unbelievable. In 2006, cyber-stalking was a problem, but it wasn't recognized as seriously as it is today. Finding someone who understood the threats of cyber-stalking and how to deal with it was hard. Fortunately for the Benningtons, Chester's wife Talinda called a lawyer friend in Beverly Hills, and he knew just the guy who could help. Call him, he said. He'll assess the situation, and if he thinks you need his help, you're in.
The contact was an ex-secret service agent named Gus Dimitrilos. He had retired from the government work because of a bad knee. His current job was in the field of cybersecurity and computer forensics. He had experience protecting at least two presidents, as well as hunting down software pirates and counterfeiters. Dimitrilos was now working security in the private sector, assisting governments, institutions, organizations, companies,
and private citizens when it came to their online security. And he had a website, whohackedme.com. Talinda called him on September 11, 2006. Dimitrios didn't like to take celebrity cases, but because of the recommendation from the lawyer friend in Beverly Hills, he signed on to help. Dimitrios started performing forensics on the email sent by the informant account. He kept running across a particular IP address. When he looked it up, he was shocked.
The emails were coming from Sandia National Laboratories in Albuquerque, New Mexico. Now, Sandia is one of three nuclear weapons research facilities run by the U.S. Department of Energy. These days, it runs out of Kirkland Air Force Base.
Its forerunner was the facility set up by Robert Oppenheimer back in 1949 after he helped the U.S. develop the atomic bomb with the Manhattan Project at nearby Los Alamos. It is now run by Lockheed Martin, the defense contractor.
It specializes in about 70 different areas of scientific research, ranging from hazardous waste disposal to supercomputers to extreme physics that involve the nation's nuclear deterrence projects. So, wait a second. Someone inside a top-secret nuclear defense facility was harassing a rock star and his wife? Really? That's insane.
Dimitrilos thought that someone might be using that IP address as a proxy to obscure the sender's real location and identity. In other words, a computer at Sandia had been compromised by someone on the outside. That was bad. Far worse than a simple cell phone or email hack. What if it was somebody from Russia or China or Iran or North Korea? If they were harassing a singer in a rock band, what else were they doing? What else could they do?
This wasn't just a matter of a paranoid rock star and his wife. This was the US Department of Defense making this a matter of national security involving an institution involved in making nuclear weapons. Fortunately, Dimitrelos knew some people within the federal government. He was, after all, ex-secret service and still had contacts with that part of the public sector. He managed to get a call with the IT supervisor at Sandia, who, strangely,
didn't seem all that concerned. "Ah, it's nothing," he said. "Probably just a compromised computer. We'll look into it." This was not good for Dimitrelos or the Benningtons. If the hacker was just using a Sandia machine as a proxy, the chances of finding that person were close to zero because the hacker had covered their tracks. So it was back to examining the emails for clues. Eventually, Dimitrelos uncovered another IP address.
This one wasn't from Sandia, but from a neighborhood in nearby Albuquerque. What's more is that the messages from Sandia came during the day, but then from a private house in the evening and overnight. That's suspicious. Dimitrios had a theory. Could this person be working at Sandia during the day and then continue the harassment from home at night? If this was the case, then the Department of Defense needed to be involved. An employee was a security threat.
Meanwhile, the cyberstalker, which by now have been dubbed Crazy Pants by Chester and Talinda, kept after the couple throughout the fall of 2006. Who was this person who knew so much about them and who could possibly do them so much harm? A new security system was installed at the house. They bought a big dog. They placed motion sensors in the yard. Cops were asked to watch the house, and they trusted no one.
Meanwhile, the only way for Dimitrilos to find the person was to let the stalking continue. He needed more time. It didn't help that the Benningtons were getting messages like, I know where your kids are and I have complete control of your lives. Gus Dimitrilos got deeper and deeper into his investigation, which he called Operation Eavesdrop.
Tens of thousands of email messages were analyzed in an attempt to create a timeline of the cyber intruder's activities. Meanwhile, a Department of Defense agent named Jeff Fover also got involved in the hunt. The Department of Justice was brought in. So was another Secret Service agent. A subpoena was granted for information relating to the person who had that IP address in that Albuquerque neighborhood. That gave them a name, Devin Townsend. I bleed it out, dig it deeper, just to throw it away.
It turned out that Devin Townsend was a 27-year-old single mom who lived with her own mother at that Albuquerque address. Her MySpace page said that she liked grilled cheese sandwiches and hated applesauce. Hardly someone who fits the profile of a dangerous cyberstalker. But then again, the MySpace page also listed her as a computer nerd.
and she did work at the Sandia facility as a computer technologist. She had something called Q-level security, which meant that she had access to at least some atomic or nuclear materials. Oh, and Townsend's mother? She also worked in Sandia, in, get this, the security department. Working together, the three sleuthers convinced the Department of Energy to hand over a copy of the hard drive from Townsend's work computer.
It turns out that Sandia had had another apparent security breach a few years earlier that had cost them dearly in a lawsuit. And they didn't want to go through that again. But while all this was going on, the stalking continued. Chester woke up to an email one morning detailing a call sheet for an upcoming Linkin Park video shoot. And it came from informant4u at yahoo.com.
On November 14, 2006, Dimitrios and Secret Service agent Kevin Levy arrived in Albuquerque and made their way to the Sandia facility. They were escorted through the plant to Townsend's workstation, which, by the way, featured a big Linkin Park sticker on the monitor. When they met Townsend face-to-face, she was wearing a Linkin Park hoodie. The investigators took Townsend into a private area for a chat. There was an interrogation, which actually went a lot smoother than anybody expected.
She confessed to everything without any drama. And how she did all this stuff is a cautionary tale for anyone with an email address. It started when she spotted a mass email promoting a tattoo parlor that Chester owned in Tempe, Arizona. All the recipients should have been on blind copy, but they weren't. All those addresses were plainly visible in the to field. A simple, but a big careless mistake. Chester's address was right there.
Townsend then used Chester's birthday and zip code to access his mac.com account. Okay, well, what about passwords? Townsend just guessed until she got it right. Chester's email password was Charlie, his middle name. Remember, we weren't always as careful as we are today with our passwords. Now that she was in, Townsend had access to Chester's entire online world. From there, she got into Talinda's account by guessing her password too. And that was all she needed to start getting all the Bennington's private information.
That included social insurance numbers, photos, email attachments, access to friends, Chester's cell phone number, his voicemail, and pages and pages and pages of records of anyone he'd ever called from that number. She even found a copy of Linkin Park's recording contract, along with the image of a check made out to Chester. It turned out to be insanely easy. So why did Townsend do all this? I was bored, she told everybody.
Most days, she burned through her work in less than an hour. She was just looking for a way to spend the other seven hours of her workday. It gave her something to do. Townsend knew that she was stalking, but she just couldn't help herself. Townsend signed a confession. That allowed a complaint to be filed. She was arrested and jailed for a day. Sandia placed her on leave, and then she was fired. After that, investigators moved to her house. They found what amounted to a shrine to Chester and the band with posters, pictures, and more.
On her personal computer, they found thousands of emails to and from the Benningtons. They found hundreds of photos, and among them was a picture of Townsend posing with Chester somewhere. But he was finally all over. Townsend's stalking of Chester until Linda lasted for the better part of a year. But it could have been far, far worse. What if she'd taken over all their financial powers and bank accounts and house deeds and mortgages? I tried so hard and got so far. But in the end,
Devin Townsend was eventually charged with the interception of electronic communications, unlawful access to store communications, fraud, unauthorized trafficking of electronic information, and more. And she was forbidden from ever using a computer, obviously. On June 29, 2007, she pleaded guilty to everything, facing up to five years in prison and fines of over $750,000. Devin Townsend was charged with the murder of Devin Townsend,
In the end, Townsend was sentenced to two years in jail beginning in early 2008. While incarcerated, she had to undergo mental health treatment for her stalking obsessions. So where is she now? We're not sure. She's out there somewhere and probably back online. For the rest of his life, Chester Bennington was rattled by this experience. So was Talinda. And the amount of security and care they had to take to protect their identities increased exponentially. It was expensive.
And what can we learn? Well, for a start, have a proper non-guessable password. Second, be careful of exposing addresses when you send out a mass email. And third, if you are hacked, prepare for a fight. This story is just one example of an obsessed fan. On the next Uncharted, we'll see how another fan took his obsession to an unimaginable level.
You can catch up on all episodes of Uncharted by downloading them from your favorite podcast platform. Please rate and review if you get a chance. If you have any questions or comments, shoot me an email, alan at alancross.ca. You can also meet up on all the social media sites along with my website, ajournalofmusicalthings.com. It's updated with music news and recommendations every day, and there's the free daily newsletter that you should get. Of course, there's my other program, The Ongoing History of New Music. There are hundreds and hundreds of podcasts related to that show.
Join me for more stories of crime and mayhem from the world of music next time with Uncharted. Technical Productions by Rob Johnston. I'm Alan Cross.