iCloud hack: could phishing scheme have been behind nude celebrity photo leak?

Some goldfish being lured by fishing hooks
(Image credit: Shutterstock)

An American man has been arrested and charged in relation with the 2014 leak of celebrity photos, known as Celebgate and the iCloud Hack.

Ryan Collins, 36, from Lancaster, Pennsylvania, has pleaded guilty to breaking the US Computer Fraud and Abuse Act, as part of a plea deal that will see him face no more than five years in jail.

According to the plea agreement, Collins allegedly engaged in a phishing scam between November 2012 and September 2014, where he persuaded owners of Apple and Google email accounts to hand over their credentials by pretending to be a representative of those companies.

Whenever the ruse was successful, he gained access to personal information, including nude photos and videos, according to the plea agreement.

A statement from the US Department of Justice (DoJ) further alleged that "in some instances, Collins would use a software program to download the entire contents of the victim's iCloud backups".

In total, Collins accessed at least 50 iCloud accounts and 72 Gmail accounts, mostly belonging to female celebrities.

In a statement, David Bowdich, assistant director in charge of the FBI's Los Angeles Field Office, said: "By illegally accessing intimate details of his victims' personal lives, Mr. Collins violated their privacy and left many to contend with lasting emotional distress, embarrassment and feelings of insecurity.

"We continue to see both celebrities and victims from all walks of life suffer the consequences of this crime and strongly encourage users of internet-connected devices to strengthen passwords and to be skeptical when replying to emails asking for personal information."

There is still one mystery remaining, however. While Collins admits to hacking into the accounts, he denies being the source of the 2014 Celebgate leak.

Furthermore, while Collins was arrested in relation to that breach, the DoJ said: "Investigators have not uncovered any evidence linking Collins to the actual leaks or that Collins shared or uploaded the information he obtained."

The broader FBI investigation into the 2014 leak is still ongoing.

Speaking to Cloud Pro, independent security researcher Graham Cluley said: "I'm not surprised that it was phishing that was at the heart of the attack against the celebrities. If there had been a fundamental flaw in iCloud then we would have seen much more serious information stolen by hackers than a few nude photographs of starlets.

"The sad truth is that phishing is incredibly effective. All the time, individuals and companies are duped into handing over information through convincingly crafted email messages."

Like the FBI's Bowditch, Cluley said it is important that people are wary of unsolicited emails. However, he added that two-factor authentication should be implemented where possible to make accounts more secure.

"You can do this with Gmail, iCloud, and other accounts and it means that even if your password is phished from you the hackers will not know the randomly generated PIN code that is also required when accessing the account from a previously unknown computer," he said.

This article first appeared on IT Pro's sister site, Cloud Pro.

Jane McCallion
Deputy Editor

Jane McCallion is ITPro's deputy editor, specializing in cloud computing, cyber security, data centers and enterprise IT infrastructure. Before becoming Deputy Editor, she held the role of Features Editor, managing a pool of freelance and internal writers, while continuing to specialise in enterprise IT infrastructure, and business strategy.

Prior to joining ITPro, Jane was a freelance business journalist writing as both Jane McCallion and Jane Bordenave for titles such as European CEO, World Finance, and Business Excellence Magazine.