Lancaster man pleads guilty to 'Celebgate' nude-photo hack
The FBI announced Wednesday it has nailed one of the Internet hackers who tricked their way into the email accounts of celebs such as Jennifer Lawrenceto steal their personal nude photos and videos.
That's the good news for victimized stars. The bad news is that scores of cyber-criminals remain out there, including those responsible for the "Celebgate" scandal of 2014 when celebrities' nude photos were leaked onto the Internet.
The FBI announced that a Pennsylvania man, Ryan Collins, 36, of Lancaster, signed a plea agreement to plead guilty to a felony violation of the Computer Fraud and Abuse Act, to wit: One count of "unauthorized access to a protected computer to obtain information," according to the FBI press release.
Translation: Collins was tracked down and charged in connection with the ongoing investigation into the hacking into accounts of as many as 100 celebrities and stars, and the subsequent leaking of nude photos and videos of said stars. The scandal was dubbed “Celebgate” by the media and investigators.
Lawrence was one of the major names among the victimized but others included Kim Kardashian, Kate Upton, Kirsten Dunst, Vanessa Hudgens, Rihanna, Kate Bosworth,Hayden Panettiere, Lake Bell and others. None of these names were in the FBI press release announcing the plea agreement.
Scores of the stars' intimate photos, some of which were denounced as fakes, ended up online. However, the FBI says it has not found any evidence linking Collins to these leaks by sharing or uploading the information he stole.
So how did these photos end up on notorious Internet sites that host hackers and their purloined stuff? The Celebgate investigation continues, the FBI says.
“Lawless unauthorized access to such private information is a criminal offense," reminded U.S. Attorney Eileen Decker in a statement. She vowed to continue "protecting sensitive and personal information from the malicious actions of sophisticated hackers and cyber criminals.”
Collins may not have posted the stolen photos online but his role was sneaky and creepy enough, according to the FBI description of his plea agreement. From November 2014 to early September 2014, Collins engaged in a "phishing scheme" to obtain access to his victims' accounts by sending emails that appeared to be from Apple or Google, asking for usernames and passwords.
When the victims complied (FBI Tip #1: Don't ever do this), Collins used his illicit access to steal "personal information including nude photographs and videos" from his victims' accounts. Sometimes Collins used a software program to download the entire contents of the victims’ Apple iCloud backups, the FBI says.
By this means, Collins accessed at least 50 iCloud accounts and 72 Gmail accounts, most of which belonged to female celebrities, the FBI said.
Collins faces a maximum sentence of five years in federal prison, although the plea agreement calls for a recommendation of 18 months. That recommendation will not be binding on the sentencing judge.
“By illegally accessing intimate details of his victims' personal lives, Mr. Collins violated their privacy and left many to contend with lasting emotional distress, embarrassment and feelings of insecurity,” said David Bowdich, the assistant director in charge of the FBI’s Los Angeles office.
“We continue to see both celebrities and victims from all walks of life suffer the consequences of this crime and strongly encourage users of Internet-connected devices to strengthen passwords and to be skeptical when replying to emails asking for personal information.”
A reaction from Lawrence to the news was not immediately available.