SARAI HANNAH AJAI | FORMAL COMPLAINT & FORENSIC SUMMARY

December 02, 2025

SARAI HANNAH AJAI | FORMAL COMPLAINT & FORENSIC SUMMARY

VERIZON ACCOUNT, APPLE ECOSYSTEM, AND HOME-NETWORK COMPROMISE

Prepared by: Sarai Hannah Ajai

Date: December 02, 2025

I. Executive Overview

This formal complaint summarizes an extended pattern of unauthorized access, account manipulation, and device interference affecting my Verizon wireless lines (including *** *** 6195), Apple ecosystem devices (iPhone 11, iPhone 17, Apple Watch Series 7, Mac Mini M1), and my residential network infrastructure.

Between May 1, 2025 and November 30, 2025, I documented persistent account-takeover behavior requiring repeated resets of passwords, PINs, voicemail codes, eSIM/Apple ID credentials, Wi-Fi/router keys, and device passcodes. In several instances, resets were required multiple times within a single day.

My Excel forensic log workbook, attached with this report, contains timestamped, contemporaneous entries for each reset and recovery action performed. These logs form the quantitative foundation of this complaint.

**II. Quantitative Summary of Logged Credential Reset Events

(May—November 2025)**

Month Logged Credential Changes

May 2025 24

June 2025 30

July 2025 39

August 2025 30

September 2025 23

October 2025 32 (from Excel workbook)

November 2025 34 (from Excel workbook)

Total Recorded Reset/Recovery Events: 212 entries

(Reflects intensity of takeover pressure rather than unique devices; multiple categories were tracked in parallel.)

Each “entry” represents a discrete credential reset involving one or more of the following categories:

• Apple ID / iCloud sign-ins

• Apple device passcodes (iPhone 11/17, Watch Series 7, Mac Mini M1)

• Verizon PINs and voicemail codes

• Visual voicemail configuration

• Wi-Fi security keys and router administrative passwords

• eSIM/line authentication events

• Device-level account re-enrollment or forced recovery modes

III. Key Incidents Already Documented

1. July 4, 2025 – Remote Voicemail Deletion (10:30 AM)

During a reboot on my iPhone 11, a voicemail from an unfamiliar 615 area code appeared and was visibly deleted from the screen without my interaction. This indicates carrier-side or remotely authenticated access.

2. June 27, 2025 – Admission of Apple Ecosystem Intrusion (8:30 AM)

In a hallway blind-spot outside my residence, neighbor (Unit 206, identity documented in prior filings) stated:

“You are sharing your Apple iPhone 11 and Apple ecosystem with me.”

A similar statement had been made days earlier by an unidentified male outside my window.

I have never granted consent to share, pair, or mirror any device.

3. September 21, 2025 – Temporary Disappearance of Line *** *** 6195

Verizon’s IVR reported the number “no longer exists with Verizon,” consistent with attempted:

• SIM swap

• Port-out fraud

• Backend credential takeover

Service later restored without any action on my part.

**IV. Updated Summary Incident: Unauthorized Lockout of Apple Mac Mini M1

(November 25, 2025 – Critical Escalation Event)

Incident Overview

On November 25, 2025, I conducted a routine macOS password update at approximately 3:06 PM. The system confirmed the new password with no errors.

At approximately 8:45 PM, while preparing Quantaudio Studio content (“City on a Hill | Session II | Light in the Lord — Instrumental”), my Mac Mini M1 froze completely, displaying the persistent macOS “beach ball.” Keyboard and mouse input became disabled.

At approximately 8:55 PM, I heard the neighboring tenant in Unit 206 speaking loudly in the common hallway, stating:

“We locked you out of your computer because you have locked us out of your phone.”

Immediately following this statement, my legitimate password began failing, triggering escalating lockout timers (1 minute → 3 minutes → 15 minutes), which is consistent with unauthorized manipulation of authentication flows.

Forced Recovery Procedure

Because the correct password no longer worked, I was compelled to execute a full macOS Recovery Mode re-authentication, including:

1. Accessing Options → Forget All Passwords

2. Entering Apple ID/iCloud credentials

3. Passing “Authentication Succeeded” verification

4. Opening Utilities → Terminal

5. Running resetpassword

6. Completing:

o Deactivate Mac

o Activation Lock (requiring Apple ID again)

o Reset Password (final credential creation)

This procedure is not triggered during normal usage. It is consistent with:

• Credential corruption

• Remote interference

• MitM-style Apple token manipulation

• Unauthorized local network access

• Tampering with device-level authentication states

I have retained photo evidence of each step of the forced recovery.

Federal Statutes Implicated

The events materially implicate:

• 18 U.S.C. § 1030 – Computer Fraud and Abuse Act (unauthorized access)

• 18 U.S.C. § 2511 – Wiretap Act (interference with electronic communications)

• 18 U.S.C. § 2261A – Interstate electronic stalking/harassment

• Federal offenses relating to intentional tampering with digital credentials and personal computing systems

This incident demonstrates an escalating pattern of deliberate interference.

V. Technical Environment

Home Network Infrastructure

• ISP: Mi*******ent Com********ons

• Modem: Netgear Nighthawk CM1200

• Router: ASUS AX1800 Dual Band RT-AX1800S (Wi-Fi 6)

• Mac Mini: Ethernet-connected to router

• iPhone 11, iPhone 17, Apple Watch 7: Wi-Fi/cellular hybrid connectivity

This topology assists in isolating potential LAN-side, Bluetooth, and Wi-Fi-based persistence mechanisms.

VI. Forensic Indicators

Based on accumulated evidence, the following indicators strongly suggest a multi-layered intrusion pattern:

• Persistent credential resets (daily/multiple times per day)

• Evidence of backend voicemail/line control

• Unauthorized declarations by neighboring tenant(s)

• Possible cloned eSIM or carrier-side session replication

• Voicemail deletions during device reboot

• SIM swap/port-out precursors

• LAN-side or Bluetooth-based proximity exploitation

• Corruption of Mac Mini login credentials on November 25, 2025

VII. Requested Actions & Data Preservation

To Verizon Wireless

1. Enable Number Lock / Do Not Port on all lines

2. Require Port-Out PIN + in-store ID verification

3. Provide written documentation of all changes to line *** *** 6195 on 9/21/2025:

o NPAC records

o Receiving carrier (if any)

o Authorization method used

o IP logs and representative/store ID numbers

To Apple

1. Invalidate all active device and iCloud session tokens

2. Force re-enrollment of trusted devices

3. Provide sign-in logs and device association history with:

o IP addresses

o User agents

o ASN/ISP metadata

4. Investigate potential unauthorized device mirroring or token cloning

To Mi*** & Network Equipment Vendors

1. Preserve DHCP, CMTS, and modem logs

2. Audit router for:

o Rogue SSIDs

o WPS event logs

o UPnP pinholes

o WAN admin exposure

3. Verify DNS integrity

To Law Enforcement / FTC

1. Record incident in Consumer Sentinel

2. Compare with local SIM-swap/port-out fraud patterns

3. Review available CCTV for June 27, July 4–5, and Sept. 21 time windows

4. Document the November 25, 2025 Mac Mini lockout as an escalation event

VIII. Methodology Behind This Report

All counts were derived from my Excel workbook forensic logs. Each row represents a recorded timestamp capturing a password reset, device passcode change, forced Apple re-authentication, voicemail PIN reset, router password rotation, Wi-Fi key update, or device recovery procedure.

For October and November, the workbook reflects:

• October 2025: 32 qualifying credential-reset entries

• November 2025: 34 qualifying credential-reset entries

These metrics corroborate the sustained account takeover behavior.

Submitted by:

Sarai Hannah Ajai

Date: December 02, 2025