Hacker behind iCloud leak of celebrity photos faces five years in prison

Edward Majerczyk — a hacker who used phishing scams to gain access to celebrities' iCloud accounts — has pleaded guilty, and will face up to five years in federal prison. Majerczyk was able to access over 300 Gmail and iCloud accounts, with at least 30 accounts belonging to celebrities.

In an official statement (via The Verge), FBI assistant director Deirdre Fike said:

This defendant not only hacked into e-mail accounts — he hacked into his victims' private lives, causing embarrassment and lasting harm. As most of us use devices containing private information, cases like this remind us to protect our data. Members of society whose information is in demand can be even more vulnerable, and directly targeted.

Majerczyk is the second person to plead guilty to hacking into celebrities' accounts, after Ryan Collins also confessed earlier this year. While both are charged with gaining "unauthorized access to a protected computer to obtain information," the court did not find any evidence tying them to the distribution of explicit content:

However, investigators have not uncovered any evidence linking Majerczyk to the actual leaks. Many of Majerczyk's victims were members of the entertainment industry in Los Angeles. By illegally accessing the e-mail accounts, Majerczyk accessed at least 300 accounts, and at least 30 accounts belonging to celebrities.

The clumsiest man in tech.

  • Wow, what a dirty weasel!
  • Social Engineering/Phishing. I know what the author means though. Use a password manager if you trust it.
  • I trust a single password manager more than I trust a small mountain of separate websites. Of course, even then I codename/abbreviate my entries naming fields so if someone somewhere did manage to break mine they may still have a challenge on their hands. Still, a manager is the only way I know of (save for people far smarter than me of course) to be able to use extremely complex and messy passwords on every different site or service with serious ease. No way i'd remember super long strings of random symbols, numbers, upper and lower case letters without morphing it all into some word which apparently is a tactic these ****** of the world are starting to beat. Don't forget folks: use two-factor wherever possible. A less than 10 second inconvenience is worth alot of benefit. Sent from the iMore App
  • Harish and/or whoever wrote that headline: If you don't know the difference between a hack and phishing ignoramuses, y'all shouldn't be a reporter. No hack of iCloud involved. Or maybe given your disregard for facts, you *are* in the right business if you want to be a mainstream journalist.
  • +1 Sent from the iMore App
  • Manqueman the Chambers dictionary offers "Obtain unauthorized access to a computer or network" as one definition, so that vindicates Harish and the sub-editor whilst making you look rude and ignorant. :)
  • Your cheerios got urine in them?
  • Funny how the FBI called it hacking. They should have asked for this guys help getting into all those iPhones the want access to. ;-)
  • Two completely different things...
  • Again; Facts matter, or they don't. The story started with an unverified assumption Apple's cloud was hacked. Relatively quickly, it became clear that the celebs were phishing victims; the cloud was not hacked.
    I fully accept that media's preferences are speed in reporting over accuracy.
    But the not-hack is old news now. No need to repeat the error.