Home » Articles » Criminal Complaint Reveals ‘Private Internet Access’ Doesn’t Log
Click Here To Hide Tor

Criminal Complaint Reveals ‘Private Internet Access’ Doesn’t Log

According to a criminal complaint against Preston Alexander McWaters, who allegedly “[conveyed] false or misleading information regarding an explosive device”, the VPN provider “Private Internet Access” doesn’t log.

McWaters, 25, appears to be an individual who can’t move on from relationships. On March 27, 2015, police were called to an address about a stalking complaint. The victims, Devon Kenney and her mother, complained that McWaters was stalking Kenney. When police arrived, Kenney told them that McWaters was hiding outside of her house and that when she went outside, McWaters confronted her. He didn’t leave until she called police.

>>>Click here for the best VPN’s Chart<<<

Kenney claims that McWaters has repeatedly called her, texted her, messaged her on Facebook, and showed up at her house. It’s been estimated that McWaters has tried to contact her around 100 times. When she asked McWaters to stop, he said that if he couldn’t have her, then no one could.

Police spoke with McWaters and he told them that he and Kenney used to date and that he was “trying to patch things up.” Kenney obtained a “Threat Protection Order” against McWaters which is still in effect as of today.

From December 2015 to March 2016, several bomb threats were made to high schools, middle schools, elementary schools, airports, and companies from accounts that would appear to be associated with “Eric Mead” who is Kenney’s current boyfriend. In some instances, McWaters used accounts that would appear to be associated with Kenney.

The bomb threats made was almost identical to each other; a bomb will go off unless a ransom is delivered to an address, and if law enforcement is notified, the bomb the will go off.

The addresses in the emails were the home addresses of Mead and Kenney. In one instance, McWaters used the address of Mead’s mother.

“We have placed 10 pounds of C4 plastic explosive around the interior of Jupiter community high school. If you do not bring $10,000,000.00 in cash to 2500 Via Royale Apt. 2508, Jupiter, Fl 33458 by 12pm on Friday, then we will blow up your school and everyone inside. This is not a negotiable term. Don’t be heroes and get people killed. Bring the cash and your school will be spared the blood of infidels. Allah Akbar.”

“I have placed several pounds of c4 plastic explosive at one of your offices. 1920 Wekiva Way Suite 200 West Palm Beach , Fl 3341 if you do not comply with my demands then I will detonate the bombs and bring your building to the ground with everyone inside. I want $500,000 deliver to the address 2111 white pine cir, apt C in greenacres, Florida 33415. You have 24 hours to comply. If you call the cops or any other funny business then you will cost a lot of lives. Don’t do anything stupid or else . . . Kaboom ! ! !”

Every bomb threat that McWaters made was done using either email or Twitter.

For the threats that were made via Twitter, it was determined that the accounts that were used were verified using Tracfones (prepaid phones) which were purchased at Walmart. The phones were registered under Mead’s identity. Walmart provided security footage and transaction information to the FBI who were able to roughly make out who McWaters was:

“Upon looking at the still photographs of the individual making the purchases, the suspect appears to be a white male, medium build, 20 to 30 years of age, with slight facial hair. He appears to be wearing the same hat in both of these transactions, possibly a tan colored baseball hat with the University of Georgia emblem on it . ln the first transaction, he appears to be wearing a rather unique jacket, one that is a black and camouflage pattern. In the second transaction, the suspect can be seen leaving the store driving a newer model reddish in color Chevrolet Camaro.”

With a rough idea of who McWaters is now in mind, Walmart security was told by the FBI to be on the lookout for him. One officer identified him at a gas station near Walmart and took a picture of him and his car along with its license plate. DMV records show that the license plate number is registered to McWaters and his mother.

The FBI began surveillance on McWaters and later requested AT&T to provide toll records and location data for the Tracfones. The data showed that the phones were around the University of Georgia, which is where McWaters works, and his address when the threats were sent.

During the investigation, subpoenas and search warrants were sent to several companies, including 1&1 and Facebook, in an attempt to find the IP address that the threats were being sent from. All of them responded with an IP address that traced back to a company named “London Trust Media” who runs Private Internet Access.

When a subpoena was sent to them, they couldn’t provide McWaters’ IP address. However, “the only information they could provide is that the cluster of IP addresses being used was from the east coast of the United States .” McWaters does live on the east coast of the United States.

London Trust also told the FBI that they accept credit card payments and other forms of payment but McWaters didn’t make a payment to London Trust. The criminal complaint noted he did however make a payment to AnchorFree who runs Hotspot Shield VPN.

The FBI was able to correlate McWaters’ bank records to the purchases of the Tracfones:

“On February 29, 2016, a subpoena was sent to the First Madison Bank in Athens, Georgia requesting banking records for Preston McWaters. First Madison responded with the requested information. The banking records show that McWaters listed his address as the 155 Snapfinger Lane in Athens, Georgia. The banking records also show that on December 11, 2015, McWaters made a cash withdrawal of $80.00 and on January 22, 2016, he made a cash withdrawal of $60.00. These dates are significant because these are the exact same dates that the prepaid Tracfones discussed previously in this affidavit were purchased from Walmart in Athens with cash. On the January 22, 2016, transaction, the cash tendered at the register was $60.00, the exact amount that McWaters withdrew from his bank account that day.”

These records coupled together with the video footage makes a very damning case against McWaters.

“First Madison also provided video surveillance photos of McWaters making the withdrawals on those two dates. On December 11th, the photo shows McWaters face directly in front of the camera making the withdrawal at 11:44 am. In the photo you can also see that he is wearing sunglasses, a black and camouflage colored jacket, and a baseball style hat with the University of Georgia emblem on it. He is driving a dark colored Jeep SUV. This clothing matches the description of the clothing worn by the suspect purchasing the first tracfone referred to in this affidavit, 561-797-9 156, at the Walmart store on this same date at 12:11 pm. Therefore, your Affiant believes that it was McWaters who purchased the Tracfone on December 11, 2015.”

“The FBI took a picture of 155 Snapfinger Lane while conducting surveillance on February 29, 2016. McWaters’ red in color Camaro and a dark colored Jeep SUV were parked in the driveway. The video surveillance photos also show the transaction that occurred on January 22, 2016. At 8:14 am. McWaters drives up to the ATM in his red in color Camaro. The camera angle did not capture a picture of his face because the vehicle sits too low to the ground. However, the vehicle matches the description of the vehicle that the suspect drove to Walmart on that same day to purchase the second Tracfone referred to in this affidavit, 561-601-3416, at 10:04 am. Based on the surveillance video from the bank and Walmart, your Affiant believes that it was McWaters who purchased the second Tracfone on January 22, 2016.”

On March 4th, McWaters sent yet another bomb threat, this time to Palm Beach County Elementary school from the email address “DevonKenney94@mail.com”.

“We have placed 13 chemical weapons throughout your facilities.They will detonate at 10:30 a.m. March 7, 2016 if you do not comply with our demands and bring $20,000,000.00 to 2500 Via Royale Apt. 2508. Jupiter, FL 33458 by the time of detonation. If you even try to contact the authorities and alert them to the situation then we will detonate the weapons early and everyone of your students will die. You have 4 days. Do not fuck with us! We are watching you ”Leslie Bolte” and your family.”

>>>Click here for the best VPN’s Who respect your privacy<<<

On March 7th, the FBI obtained a search warrant for McWater’s home and on the 8th, McWaters’ home was raided. He was found in his bedroom with his iPhone. The Private Internet Access app was found on the iPhone and every email address account used in the bomb threats. When his car was searched, car chargers that are believed to have been used with the Tracphones were found along with a note that had his Private Internet Access account details on it.

Andrew Lee, the London Trust Media Executive Chairman, spoke with TorrentFreak who told them that, “Our company was subpoenaed by the FBI for user activity logs relating to this matter,” and that “after scrutinizing the validity of the subpoena and confirming it, we restated as we always do the content of our privacy policy and then we notified the agent that we do not log any user activity. The agent confirmed his understanding of our company’s policy and position and then pursued alternative leads.”

Lee concluded his statement with, “This report makes it clear that PIA does not log user activity and we continue to stand by our commitment to our users.”

20 comments

  1. More VPN’s need to do this type of story!! Maybe… Nordvpn?

  2. GREAT NEWS ! definitely will use PIA now but they still have server in USA :\

  3. bullshit, they still handed over logs to the feds

    • read the article again charles, “the only information they could provide is that the cluster of IP addresses being used was from the east coast of the United States”
      they didn’t hand over logs. they gave them a cluster of ips. EVERY vpn has this information, it’d be impossible to operate if they didn’t. all that cluster did was tell the feds what area he could possibly be in which was on the east coast of the united states. and this info didn’t lead to his arrest anyway

      • Piazza del torro

        I love this comment : ” they didn’t hand over logs. they gave them a cluster of ips. ”

        Ummm, handing over user IP addresses ( a cluster of them ) is handing over logs – logs of IP addresses.

      • Piazza del torro

        I love this comment : ” they didn’t hand over logs. they gave them a cluster of ips. ”

        Ummm, handing over user IP addresses ( a cluster of them ) is handing over logs – logs of IP addresses.

      • hitmanchan

        lol dude. The cluster of ips was THEIR OWN ips. They gave no user ips. The fed said that IP x was used for the user to PIA. PIA owns IP x and said that they didn’t know the user’s ip, but ip x is located at our cluster of servers on the east coast. Read before you insult and mock others for being dumb. It makes you look all the much dumber when you’re the idiot

  4. Seriously has the masses seriously not figured out that PIA is nothing but a honey pot service. Sure, there are many great people involved especially on the forums – but do some digging into the owners and see if you feel the same way :P

    Last I remember, the few legit VPN’s out there that truly value your pricacy include: cryptostorm (by far the most secure for many reasons. no username/password for one), AirVPN, and maybe NordVPN (research that one as I am not 100%) Also very important – never use any incuded software from a VPN. Always use the generic opensource OpenVPN software with provided cert/keys. THere is a big issue with VPN “software” having adware built in, etc.

    Stay safe!

    • CRYPTO

      QUESTION FOR CRYPTOSTORM…

      “Tor .onion.sale access seamless, native in-browser magic”

      why do this ????? is it too hard to install TOR BROWSEr? VERY DANGEROUS to have VPN CONNECT TO TOR FOR U

      “DNS & webRTC leakblock protect your IP from leaks”

      How you think VPN see WEBRTC CODE? they watch ur PAGE request for webRTC code in page!!! VERY DANGEROUS
      TOR BROWSER already disable WEBRTC in about:config!!! UNNEEEDED!~!!

      ADMIN ARE SKETCHY TOO!!

      i advise stay away from CRYPTOSTORM!

      • Col1umbus

        Hey Crypto:

        Looking for some insight. I run the tails setup off a USB boot. I am using the Tor Brower Bundle and currently no VPN. I have read that you should not connect through VPN with Tails/Tor but people keep talking about needing VPN. I am not computer illiterate but definitely not super knowledgable on this subject. What do you think? Thanks bud.

  5. It’s kinda funny when I read “we don’t log anything” … etc. Yes that could be true however EVERY ISP on the planet has got router logs. I believe PIA is renting servers all over the world but I hardly doubt their ISP’s (like Akamai, Leaseweb, OVH … etc) wouldn’t share these logs with the law enforcement agencies.
    But this is not a big issue because in cases like this it’s pretty important and useful to protect the society from these kind of people who needs help.

  6. What a clusterf***. I need to see pics of this chick. If she’s isn’t a 10 or close it to… homeboy did everything wrong.

    • Pretzel

      the guy’s fucking pathetic he went through the trouble of sending bomb threats to what exactly? did he think that doing that shit would convince his ex to come back? then again without him we wouldn’t know that PIA doesn’t log.

      but yeah, pics needed. thx

  7. 1. No Logs : good
    2. Send cluster of IP’s : … depend of the pool but it narrows down.
    3. Ain’t that the most shitty log :

    “London Trust also told the FBI that they accept credit card payments and other forms of payment but McWaters didn’t make a payment to London Trust.”

    In the event if he paid by card he would have been clearly reported.
    No matter what you can’t trust a company that propose paid services as they need to keep named invoices. Once again free & open-source is the key, need somehow not-for-profit VPN’s..

    • That’s just bullshit. PIA provides VPN, not Life-Anonymity. If you are careless in the payment process, that’s on you, period. Hiding takes an effort, not a PIA subscription. Their services, however, are high quality. They do provide you with an anonymous IP (NO user logs), and that’s all they advertise.

      BTW, those clusters that were reported have NOTHING to do with the real IP; if McWaters had been pretending to have been in Finland e.g. (recommended in every case), PIA had given IP clusters from Finland to the FBI -> no ties to McWaters’ real address. It was, as ever so often, user error.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Captcha: *