Chicago man pleads guilty in celebrity iCloud data breach

A 28 year-old Chicago man has pleaded guilty to using phishing scams to illegally access more than 300 iCloud and Gmail accounts, around 30 of which belonged to celebrities.

The high profile iCloud data breach, which was dubbed ‘celebgate’, resulted in the leak of nude photographs in 2014. However, it is important to note that the defendant Edward Majerczyk is charged only with the initial theft and not the leak.

Celebrity victims included pop star Rihanna and Oscar winning actress Jennifer Lawrence.

The BBC reported that Mr. Majerczyk sent phishing emails tricking victims into visiting booby-trapped websites that stole their login data. The emails were made to look like security warnings from internet service providers.

He has pleaded guilty to a felony violation of the Computer Fraud and Abuse Act, specifically one count of unauthorized access to a protected computer to obtain information.

According to VentureBeat, Mr. Majerczyk faces up to five years in prison for his part in the attack. Another man, Ryan Collins, pleaded guilty to the same offense in March and is also yet to be sentenced.

“This defendant not only hacked into email accounts – he hacked into his victims’ private lives, causing embarrassment and lasting harm,” said Deirdre Fike, the assistant director in charge of the FBI’s Los Angeles Field Office.

“As most of us use devices containing private information, cases like this remind us to protect our data. Members of society whose information is in demand can be even more vulnerable, and directly targeted.”

As ESET’s senior security researcher Stephen Cobb wrote when the story broke, blame for the hack should be directed at the criminals themselves, and not the victims whose security has been breached.

“The creepy people who stole the pictures are the ones responsible for this scandal and they should be held accountable,” explained Mr. Cobb.

“For some strange reason, the world tends to approach computer security differently from physical security. If you forget to lock your car, that does not make you responsible for it being stolen. The car thief is clearly the only person truly responsible.”

Author , We Live Security

Follow us

Copyright © 2017 ESET, All Rights Reserved.