Labels

Sarai Hannah Ajai | VERIZON ACCOUNT, APPLE ECOSYSTEM, AND HOME-NETWORK MIDCO COMPROMISES

 VERIZON ACCOUNT, APPLE ECOSYSTEM, AND HOME-NETWORK MIDCO COMPROMISES

Prepared by: Sarai Hannah Ajai
Hacking Incident Report
Updated Through: February 28, 2026

Location: 2*** **** ***. *., Apt **5, *****, ** *****

I. Executive Overview (Updated Through Feb. 28, 2026)

This updated incident summary extends the documented timeframe through May 2025, December 2025, January 2026, and February 2026, and reflects a continuing pattern of suspected unauthorized access attempts, credential interference, authentication instability, and repeated defensive recovery actions affecting my Verizon account, Apple ecosystem devices, and home-network environment.

As previously documented, I replaced my prior ASUS Wi-Fi 6 router with a Netgear Nighthawk Dual-Band WiFi 7 router in January 2026. Despite that infrastructure change, and despite continued password rotations, PIN changes, passcode updates, and security-control resets, I continued to experience compromise indicators consistent with ongoing unauthorized access attempts and/or unlawful interference with account authentication integrity.

My Excel forensic workbooks remain the controlling factual record and contain date-stamped entries documenting repeated forced resets, recovery actions, and protective changes involving:

  • Verizon account access, account passwords, account PINs, and voicemail authentication
  • Apple ecosystem device authentication and Apple ID / iCloud session integrity
  • eSIM authentication states and cellular provisioning irregularities
  • Router administrative credentials and Wi-Fi security controls
  • Device-level passcodes, Screen Time controls, recovery workflows, and re-enrollment events
  • Additional Apple device password changes involving my Apple iPad Air M3 and Mac Mini M1

The February 2026 log further shows that the interference pattern remained active across multiple surfaces devices at once, including carrier credentials, voicemail controls, iPhone passcodes, eSIM PIN settings, Apple Watch PIN controls, Mac Mini M1 passwords, and iPad Air M3 password events. This cross-platform continuity materially strengthens the inference that the problems were not confined to one isolated device, one forgotten password, or one router-only explanation.

II. Updated Quantitative Summary of Logged Credential Reset / Recovery Events

(May 2025 – February 2026)

Below are the month-by-month counts based on the number of date-stamped log entries on each month’s worksheet tab, using your forensic workbook methodology.

Month

Logged Credential Reset / Recovery Entries

May 2025

24

June 2025

30

July 2025

39

August 2025

30

September 2025

23

October 2025

29

November 2025

29

December 2025

30

January 2026

27

February 2026

 19

Total (May 2025 – Feb. 2026)

280

Interpretation

This total reflects the intensity, breadth, and persistence of the takeover pressure rather than ordinary or routine security maintenance. Multiple security categories were tracked in parallel, and several entries reflect multi-system resets during a single incident cycle.

The February 2026 total of 19 is especially significant because it reflects a concentrated pattern of repeated changes across approximately ten tracked security categories, each appearing to show 19 logged change events during the month. In practical terms, February 2026 appears to document repeated defensive changes affecting:

  • Verizon iPhone 17 account password
  • Verizon iPhone 17 account PIN
  • Verizon voicemail code
  • iPhone 17 device “About Name” field
  • iPhone 17 Wi-Fi password / local network settings
  • iPhone 17 passcode
  • iPhone 17 Screen Time passcode
  • Apple Watch Series 7 PIN
  • iPhone 17 cellular eSIM PIN
  • Apple Mac Mini M1 iCloud / ecosystem password
  • Apple Mac Mini M1 device-only password
  • Apple iPad Air M3 device-only password

Even allowing for overlapping event clusters, this February pattern is plainly inconsistent with ordinary user maintenance and strongly supports a finding of repeated suspected compromise pressure and/or forced defensive credential rotations.

III. Device & Account Scope (Expanded Through February 2026)

The records now show that the security impact extends across a broader Apple/telecommunication environments and is not limited to a single phone. Affected or implicated systems include:

  • Apple iPhone 11 (returned to Apple dated 10-31-25 for credit)
  • Apple iPhone 17
  • Apple Watch Series 7
  • Mac Mini M1
  • Apple iPad Air M3 
  • Verizon wireless line(s), including ending in *** *** 6195
  • Home LAN / Wi-Fi environment and router administrative plane
  • Voicemail authentication layer
  • eSIM / cellular authentication controls

This expanded device and account scope supports the conclusion that the interference patterns are ecosystem-wide, spanning carrier-account controls, Apple-devices trust chains, local device passcodes, and home-network access surfaces.

IV. Updated Technical Environment (Router Change + Continued Compromise)

ISP: Midcontinent Communications
Modem: Netgear Nighthawk CM1200
Router (Updated): Netgear Nighthawk Dual-Band Router WiFi 7
Prior Router: ASUS RT-AX1800S
Mac Mini M1: Ethernet-connected to router
Mobile Devices: Hybrid Wi-Fi / cellular connectivity
Affected Devices: iPhone 11, iPhone 17, Apple Watch Series 7, iPad Air M3, Mac Mini M1

Significance of Router Replacement

The January 2026 router replacement materially reduces the likelihood that the overall pattern can be explained solely by a single stale router credential, isolated firmware instability, or one local-network-only misconfiguration.

Because the interference indicators continued after the router was replaced, the continuity of events is more consistent with one or more of the following conditions:

  • credential or session-token abuse occurring at the carrier-account or Apple ID / iCloud account layer;
  • repeated re-authentication pressure consistent with unauthorized access attempts against carrier or Apple credentials;
  • persistence affecting one or more devices independently of router replacement;
  • SIM / eSIM provisioning interference or other cellular account-layer manipulation;
  • broader upstream or multi-surface account interference not eliminated by a local router swap.

This is a forensic inference, not an assertion of final attribution. It documents what the pattern reasonably suggests based on continuity before and after the infrastructure change.

V. February 2026 Analysis (Newly Added Update)

February 2026 represents the most concentrated month presently documented in my records.

During that month, the logged activity reflects repeated changes across numerous security-sensitive categories, including Verizon account credentials, voicemail authentication, iPhone 17 passcode-related controls, Apple Watch PIN controls, iPhone 17 eSIM PIN settings, Mac Mini M1 passwords, and iPad Air M3 passcode changes. The density of the changes indicates not a simple password-management issue, but a repeated and continuing operational need to re-secure my digital environment.

This February 2026 activity materially strengthens the following conclusions:

  1. Persistence: the pattern did not stop after device changes or router replacement.
  2. Breadth: the activity touched telecommunication, Apple ecosystem, and local-device controls at the same time.
  3. Escalation: the inclusion of the iPad Air M3 and repeated Mac Mini M1 changes shows widening platform impact.
  4. Operational burden: the response required repeated manual security actions to preserve access and control.
  5. Forensic significance: the volume and repetition of the February entries support formal preservation requests to carriers, Apple, and any investigating authority.

In plain English, February 2026 looks less like “routine security hygiene” and more like a month-long wrestling match with an invisible adversary who would not stay out of the house.

VI. Federal Statutes Potentially Implicated (Updated Through Feb. 2026)

The conduct reflected in these logs, if substantiated by provider records, forensic review, or investigative findings, may implicate several federal statutes.

1. 18 U.S.C. § 1030 — Computer Fraud and Abuse Act (CFAA)

This statute addresses unauthorized access to protected computers and related fraud, damage, or loss arising from such access. It is one of the central federal laws used when unauthorized access affects computers, devices, or account systems used in interstate commerce. (Legal Information Institute)

2. 18 U.S.C. § 2511 — Wiretap Act / Interception of Electronic Communications

This statute prohibits certain intentional interceptions, disclosures, or uses of wire, oral, or electronic communications. It is relevant where interference may involve voicemail, communications systems, signaling, or unlawfully intercepted electronic communications. (Legal Information Institute)

3. 18 U.S.C. § 1028 — Fraud and Related Activity in Connection with Identification Documents / Authentication Information

Where identifying information, authentication features, or account-related identity credentials are unlawfully used to gain access to services or accounts, this statute may become relevant. It is commonly implicated in identity-related account intrusion scenarios. (Legal Information Institute)

4. 18 U.S.C. § 2261A — Cyberstalking / Repeated Electronic Harassment

This statute covers certain repeated electronic conduct directed at a person that causes substantial emotional distress or fear under defined legal circumstances. It can become relevant where electronic interference is not isolated, but repeated and targeted over time. (Legal Information Institute)

5. 47 U.S.C. § 222 — Carrier Duty to Protect Customer Proprietary Network Information (CPNI)

Federal law imposes a duty on telecommunications carriers to protect the confidentiality of customer proprietary information. This statute is directly relevant where a carrier account, account PIN, voicemail controls, or related account-access protections may have been compromised or insufficiently safeguarded. (Legal Information Institute)

6. 47 C.F.R. § 64.2010 — Carrier Authentication and Safeguards for CPNI

This FCC regulation requires carriers to take reasonable measures to discover and protect against attempts to gain unauthorized access to CPNI and to properly authenticate customers for online, phone, or in-store access. It is particularly relevant in any review of Verizon’s account-access control and PIN-reset protections. (Legal Information Institute)

VII. Forensic Indicators (Strengthened by Router Replacement + February 2026 Volume)

The continuation of events into February 2026, together with the router replacement and inclusion of additional Apple platform devices, strengthens the following forensic indicators:

  • persistent reset cadence across many months;
  • multi-surface impact affecting carrier, Apple ID / iCloud, local-device passcodes, eSIM controls, and Wi-Fi/network settings;
  • evidence consistent with account-layer interference rather than a single-endpoint-only explanation;
  • continued compromise indicators after infrastructure replacement, reducing the plausibility of a one-router-only explanation;
  • expanding scope from phone-only disruptions into broader Apple ecosystem and home-network overlap.

These factors do not by themselves prove the specific methods or actors. They do, however, strongly justify escalation, preservation, and formal review.

VIII. Methodology (Updated Data Sources)

The counts above were derived from my forensic Excel workbooks and related records. Each qualifying entry corresponds to a date-stamped row documenting one or more of the following:

  • account password reset
  • account PIN reset
  • voicemail authentication change
  • router or Wi-Fi credential rotation
  • forced Apple re-authentication
  • device passcode change
  • Screen Time passcode change
  • eSIM PIN change
  • Apple Watch PIN change
  • Mac Mini M1 password change
  • iPad M3 device password change
  • related device recovery workflow or re-enrollment event

The updated totals now include:

  • May 2025 through November 2025
  • December 2025
  • January 2026
  • February 2026

IX. Evidentiary Significance

This report is intended to preserve a pattern of facts, not to speculate beyond the evidence. The documented record is significant because it shows:

  • repetition rather than isolated inconvenience;
  • overlap across multiple systems rather than one forgotten credential;
  • continuity despite defensive changes and hardware replacement;
  • measurable burden in time, access disruption, and forced remediation;
  • a basis for requesting logs from Verizon, Apple, and related providers before retention windows expire.

A forensic investigator, attorney, regulator, or law-enforcement reviewer could compare this log history against:

  • Verizon account access logs
  • PIN-reset records
  • eSIM provisioning or change records
  • voicemail access history
  • Apple ID sign-in history
  • trusted-device history
  • password reset history
  • support tickets
  • IP/session metadata
  • device serial and activation history

X. Harm and Impact

The repeated credential resets, password changes, PIN changes, and device-security interventions substantially interfered with my ability to maintain stable use of my Apple devices, Verizon services, and home-network environment.

The harm includes:

  • repeated disruption to ordinary phone and devices uses;
  • continual time expenditure to restore or preserve account control;
  • impaired confidence in account integrity and trusted-device relationships;
  • repeated defensive migrations and changes to devices and credentials;
  • increased difficulty preserving normal continuity across communications, applications, and cloud-linked services.

This pattern was not a trivial inconvenience. It created ongoing instability in the systems I rely upon for communications, records, and digital security.

XI. Insert-Ready Text for Main Complaint or Declaration

I can drop the following lines directly into a longer complaint, declaration, or agency filing:

  • Replace: “Between May 1, 2025 and January 31, 2026…”
    With: “Between May 1, 2025 and February 28, 2026…”
  • Replace: “Total Recorded Reset/Recovery Events: 261 entries”
    With: “Total Recorded Reset/Recovery Events: 280 entries (May 2025 – Feb. 2026)”
  • Replace router line in Technical Environment:
    With: “Router: Netgear Nighthawk Dual-Band Router WiFi 7 activated on January 9, 2026 (replaced ASUS RT-AX1800S); compromise indicators continued after replacement.”
  • Add February 2026 sentence:
    “February 2026 alone reflects approximately 19 logged credential, PIN, passcode, eSIM, voicemail, and device-password reset or recovery events across Verizon, iPhone 17, Apple Watch Series 7, Mac Mini M1, and iPad M3 security categories.”

XII. Conclusion

Based on the documented records from May 2025 through February 28, 2026, the overall pattern is consistent with a prolonged course of suspected unauthorized accesses attempts, authentication interference, or related digital compromise activity affecting my Verizon account, Apple ecosystem devices, and home-network environment.

The updated total of 280 logged reset/recovery events, including 19 events in February 2026 alone, materially strengthens the conclusion that this was not ordinary security maintenance. Instead, it reflects repeated defensive actions taken in response to continuing compromise indicators across multiple interconnected systems.

The facts documented here justify:

  • formal evidence preservation,
  • provider log review,
  • regulatory or investigative escalation where appropriate, and
  • continued treatment of this matter as a serious digital-security incident with potential federal implications under statutes including 18 U.S.C. §§ 1030, 2511, 1028, 2261A and 47 U.S.C. § 222, together with applicable FCC CPNI safeguard rules. (Legal Information Institute)

XIII. Printed Name Block

Prepared by:
Sarai Hannah Ajai













Labels:
Location: Fargo, ND, USA

Comments

Post a Comment