Hacker Behind iCloud Celebrity Nude Leaks Faces Up to 5 Years in Jail
Back in September of 2014, numerous celebrity iCloud accounts were compromised through ‘phishing’ attempts, leading to the leak of numerous celebrity photos dubbed “Celebgate” or “The Fappening”.
Kate Upton, Gabrielle Union, Jennifer Lawrence had their information compromised; image via The Hollywood Reporter/Getty Images
The man behind these hacks, 36-year old Ryan Collins from Pennsylvania, was charged Tuesday with felony computer hacking, and faces up to five years in a federal prison (prosecutors are recommending 18 months), notes the Hollywood Reporter.
Here’s how Collins hacked and gained access to at least 50 iCloud accounts and 72 Gmail accounts, “most of which belonged to female celebrities”, according to the U.S. Attorney’s Office for the Central District of California:
According to factual basis in the plea agreement, from November 2012 until the beginning of September 2014, Collins engaged in a phishing scheme to obtain usernames and passwords for his victims. He sent e-mails to victims that appeared to be from Apple or Google and asked victims to provider their usernames and passwords. When the victims responded, Collins then had access to the victims’ e-mail accounts. After illegally accessing the e-mail accounts, Collins obtained personal information including nude photographs and videos, according to his plea agreement. In some instances, Collins would use a software program to download the entire contents of the victims’ Apple iCloud backups.
Apple CEO Tim Cook reassured customers at the time no Apple IDs or passwords were leaked from servers, as the hacks occurred through phishing techniques explained above.
The company implemented new security measures to further lock down iCloud accounts, enabling push notifications to customers when someone tries to change an account password, restore iCloud data to a new device, or when a device logs into iCloud for the first time. To further secure your Apple ID, it’s highly recommended you enable two-factor security–here’s how to do it.