We’re talking about the so-called “Celebgate” hack of 2014 where naked pictures and videos of Hollywood stars were stolen from their Apple and Google accounts and posted online.
Hacker Ryan Collins from Lancaster, Pennsylvania was this week charged with an offense linked to the scandal and, according to prosecutors, will plead guilty to violating the Computer Fraud and Abuse Act when he appears in court.
Collins, 36, is accused of breaking into more than 50 iCloud accounts and 72 Gmail accounts between November 2012 and September 2014, action that in some cases enabled him to access compromising material featuring mainly famous women.
Prosecutors said the hacker used phishing techniques to trick victims into revealing account login details. The relatively simple operation would begin with Collins sending an email to a targeted star from an address that made it look as if it’d been sent by Apple or Google. The message asked the victim for their user name and password; if they replied with the details, the hacker could then access the account and explore the user’s cloud-based content, some of which included A-list celebrities in a state of undress.
The U.S. attorney’s office said Collins used software to download the entire contents of a victim’s account. However, it added that there’s currently no evidence that he posted the stolen content online, and an investigation is still ongoing to find out who did.
Commenting on the case, the FBI’s David Bowdich said, “By illegally accessing intimate details of his victims’ personal lives, Mr. Collins violated their privacy and left many to contend with lasting emotional distress, embarrassment and feelings of insecurity.”
He added, “We continue to see both celebrities and victims from all walks of life suffer the consequences of this crime and strongly encourage users of Internet-connected devices to strengthen passwords and to be skeptical when replying to emails asking for personal information.”
The authorities have suggested an 18-month jail term for Collins, though the presiding judge will have the power to impose a sentence of up to five years.
