As you may be aware, recently a student at Grand Valley State University was identified and confessed to sending out emails as part of a hoax that classes were canceled. The Ottawa County Prosecutor’s office investigated the situation and has declined to file charges.
This is the curious part:
“‘We searched high and low and there was no criminal statute that we were aware of that was being violated,’ said Prosecuting Attorney Ron Frantz.”
Typically email hacking (as this appears to be a case of given that the email was purportedly sent from the professor’s email account) can constitute a variety of crimes:
- Computer Fraud: Unauthorized Access to a Protected Computer is a crime if that computer system belongs to a bank or a governmental entity (which presumably GVSU is the latter).
- Wire Fraud: GVSU uses Microsoft Exchange for faculty email, so it’s possible that this could constitute wire fraud if the server housing the email system is located outside of the state of Michigan (which is ever more common as we increasingly move to cloud-based data systems).
Even if the student didn’t actually access protected email accounts to send the emails (rather he spoofed the account information when sending the emails) I would think this violates identity theft laws.