Sophos Cloud Optix
Nude photos of Oscar-winning Hunger Games actress Jennifer Lawrence, as well as images of 99 other celebrities, have apparently been posted online by a user of the 4chan website.
The anonymous hacker reportedly gained access to private photos belonging to Jennifer Lawrence, Kim Kardashian, Amber Heard Cat Deely, Kate Upton, Kelly Brook and others via Apple’s iCloud storage system.
Unlike other supposed celebrity photos, which are often fake and designed to trick users into clicking on suspicious links, at least some of these pictures have been confirmed as being genuine.
A representative for Lawrence said in a statement Sunday evening:
This is a flagrant violation of privacy. The authorities have been contacted and will prosecute anyone who posts the stolen photos of Jennifer Lawrence.
‘Scott Pilgrim vs. The World’ actress Mary E. Winstead confirmed photos of her were real via social networking site Twitter, saying:
To those of you looking at photos I took with my husband years ago in the privacy of our home, hope you feel great about yourselves… Knowing those photos were deleted long ago, I can only imagine the creepy effort that went into this. Feeling for everyone who got hacked.
Other celebs, denied the authenticity of the photos. Singer Victoria Justice told Twitter:
These so called nudes of me are FAKE people. Let me nip this in the bud right now. *pun intended*
A spokesman for singer Ariana Grande emailed Buzzfeed to say that “The photos are completely fake.”
Many of the leaked photos have been circulating on file-sharing and photo sites as well as across social networks.
4chan moved quickly to remove posts from its servers but a screenshot of what a poster calls “celebgate” lists 100 allegedly hacked celebrities.
Twitter also acted quickly and responsibly by suspending accounts that posted nude photos of Lawrence. A spokesperson for the social network declined to comment on the specific reasoning behind the suspensions, but did point out Twitter’s rules which say:
You may not publish or post other people's private and confidential information, such as credit card numbers, street address or Social Security/National Identity numbers, without their express authorization and permission.
Some reports suggest the hacker was able to access the photos directly through the celebrities’ iCloud accounts but Apple has yet to comment on those rumours.
Nude snaps of celebrities are big business, of course, with a single picture reportedly worth as much as $50,000 per day in ad revenue to any publisher prepared to risk uploading a stolen image.
But it’s not all money, money, money for the hackers who acquire the images in the first place – Christopher Chaney recently received a ten year stint in jail after hacking into phones belonging to Scarlett Johansson and Christina Aguilera, an incident which Johansson said had left here feeling “truly humiliated and embarrassed.”
It’s not just celebrities that have to worry about their intimate photos ending up online either – in recent years we have seen a rise in the number of ‘revenge porn’ sites which publish photos sent in by jilted exes.
While the operators of such sites are taking risks with their civil liberties, the potential embarrassment and harm to the victims is very real.
It’s not the celebrities’ fault that these images have been stolen, but it’s a reminder to us all that once you take that photo you cannot be sure where it’ll end up, even if you don’t send it to anyone.
So what can you do to ensure your naughty photos don’t end up online?
The easiest, and most fail-safe, answer is don’t take the photos in the first place.
If your phone is set to automatically backup everything to the cloud, your photos will not stay safely on your phone.
And once you send a photo to that special someone, however much you trust them, you cannot be sure where it will end up.
It’s all fun and games until your boss/parents/grandparents see your nudey pics online.
For further information
We have a number of Naked Security resources to help you stay safe online, from what to do with nude selfies (don’t take them in the first place!) to how to enjoy sites like Facebook and Twitter without giving away everything about yourself.
Here are some links you might find useful:
- How to avoid having naked photos stolen by hackers
- Facebook scams – how NOT to get sucked in
- 5 tips to make your Facebook account safer
- Facebook scams – “Be Aware Before You Share”
- How to improve your Twitter security and privacy
- Anatomy of an iTunes phish – tips to avoid getting caught
- 4 free tools to boost your security
- Sophos Threatsaurus – an online A-Z of threats and how to protect against them
And here’s a short and straight-talking video that not only shows you how to pick a proper password, but also explains why you should bother.
→ Can’t view the video on this page? Watch directly from YouTube. Can’t hear the audio? Click on the Captions icon for closed captions.
Images licensed under Wikipedia / Jenn Deering Davis.
Pretty sure once something [photos] is in the public domain you are free from being charged if you re-post it
To add: if this was untrue, then Perez Hilton would have been charged from posting them online earlier (even though he removed them later)
But they aren’t in the public domain.
As far as I am aware, only the original copyright holder could put them in the public domain. (Stealing something and publishing it doesn’t imbue you with the right to imbue others with the right to use it 🙂
Don’t use “this is available publicly” to infer “so it must in the public domain,” any more than you would use “this car is parked on a public road” to infer “so I am allowed to take it for a joyride.”
99% agree (you did miss a closing bracket… :-)).
I completely agree with the line that says don’t take them in the first place, its common sense which sadly some people seem to lack now-a-days.
I also agree
I disagree with the recommendations here. These are not photos the celebs posted publicly someone. People should have reasonable expectation that any intimate photos they take in private will stay that way. Blaming women for having their privacy violated is inappropriate.
Neither Lee nor anyone else at Naked Security is blaming these women for having their privacy violated, they are the victims of a crime. Morally and legally they have been wronged.
Self-defence advice is not a criticism.
Yet, there is some implied fault in things like, “don’t take the pictures in the first place [dumbass].” It’s good criticism, but be aware it can be taken wrongly.
Just like every piece of security advice given in the wake of an incident. There’s that implication between the lines.
The article states: “So what can you do to ensure your naughty photos don’t end up online? The easiest, and most fail-safe, answer is don’t take the photos in the first place.”
It says that because that is the best advice we can come up with and our remit is to provide news, opinion, advice and research on matters or privacy and security.
If you take our advice and then add your own words then of course you change the meaning. There is a reason you had to add ‘dumbass’ to the sentence – and a reason we didn’t.
I have to unfortunately disagree with you, even though your ideal is what is hoped for it is just not realistic. There are people out there everyday trying to hack celebrity cellphones… Its just the way it is, its not fair but its what is happening. It is currently the price of fame, especially for female celebrities. There is no one celebrities can blame for their own ignorance of this fact, and if they aren’t ignorant then there is no one they can blame for the stupidity shown when ignoring this fact.
I don’t mean to blame the victim, because its not fair, but unlike other sexual crimes, this is 100% preventable. Don’t take nude photos. I agree completely their privacy has been violated but its not like this is the first cellphone hack, and I realize this has allegedly been done through iCloud… but photos were still taken on the cellphone. If a celebrity takes a nude photo on a CELLPHONE it better be while acknowledging that it will probably get posted online.
I sincerely hope this never happens again to a celebrity, but we all know it will.
That’s the risk you take when you take nude photos. What’s private, should remain for the appropriate eyes only. You put it in a photograph and you’re going to have a problem at some point.
So you just shrug and say “it’s your own fault”? I don’t think that’s good enough and completely ignores that there’s been a serious abuse. One that is continued by every person who generates ad revenue by looking for the images.
It’s quite possible to say that the victim of a crime has acted foolishly *without* ignoring the fact that a crime has been committed. Being the victim of a crime does not – and should not – render you immune to criticism of your actions.
The key word in Palma’s post is “risk”. Even with the best intentions of privacy something can always go wrong and according to Murphy’s law, given enough time, it will.
They are in the Public Eye. They chose to be PUBLIC PROPERTY!
They should have been encrypting their photos and encrypt the encrypting credentials, this is the safest way. This can be done with a wide range of apps. WWPass even goes further than this.
I’ll wager that the passwords to the hacked accounts were the infamous top ten passwords, including: password, 1234578, 1234, etc.
We don’t know anything about how the photos were acquired but the fact is that there is money to be made from stealing them. The passwords may have been easy to guess but even if they weren’t it’s well worth a criminal’s time to be persistent and take their time.
If I had photos, documents, etc. of a sensitive nature I’d never store them in the cloud or any other service. A USB with Bitlocker stored in my gun safe, maybe. But not anywhere that requires me to send the file over the Internet.
I don’t get why any person take her/him own nude photos? Why do you need it? To show others I have more beautiful body than you have. Am I right ?¿
I guess that’s between the person who took the photos and the people they took them for, which in this case didn’t include you or me.
Yes you’re right, we don’t have to know it and privacy is privacy even if you are an ordinary person or not. But don’t they realize they are famous and I have to say that we have seen many issues like this(leaks) also they see so they can be more careful! I think . This made me feel a little bit weird on them 🙁
The thing is we really have no idea what precautions they took or how the hacker acquired the photos. We also don’t know if they even knew the photos were stored wherever they were stolen from. They might have been plundered from husbands’ or boyfriends’ iCloud accounts for all we know.
I agree that we don’t really know what precautions were taken, but given the supposed volume, I think you are being too generous in considering the possibility that none of them were aware that these photos existed.. If even one of them knows, which is again realistically the case, then they should have taken better precautions, or probably in most cases any precaution.
What utter nonsense. There are two options. One is that many people are remarkably naíve. the othe is that they ar manufacturing publicity.
“To those of you looking at photos I took with my husband years ago in the privacy of our home, hope you feel great about yourselves… Knowing those photos were deleted long ago, I can only imagine the creepy effort that went into this. Feeling for everyone who got hacked.”
I would like to say that I feel sorry for these people but I can’t… too bad they had to learn the “nothing is ever deleted” lesson like this, but then it’s all good publicity unless you look like Jabba the Hutt.
It’s good publicity ESPECIALLY if you look like Jabba the Hutt!
There is one sure way of never getting your naked photos stolen. NEVER TAKE NAKED PHOTOS!!!!!!!!
Really people… You’re really gonna get pissed at this?? I got a solution for ya, QUIT TAKING NAKED PICTURES OF YOURSELF!!!!! THEY WILL EVENTUALLY GET OUT!! Quit being stupid
Yeah, even on film cameras. Back when I worked at Fotomat, 30 or more years ago, we used to steal people’s naked photos, and then tell them that they were censored!
Is anyone else disturbed the the focus has been on people not taking the photos in the first place, and not on Apple for betraying their trust? I barely see any finger pointing at Apple. It’s either been toward the hacker (rightly so), or toward the actresses for using their freedom to take whatever photos they want.
They even assumed that it was the actresses fault for having an insecure password, rather than place any blame towards Apple. Just more evidence that the media is biased toward large brand name corporations.
Moral of the story is… If you don’t want photos of you on the Internet, don’t put the damn things out there in the first place.
EVERYTHING gets hacked eventually, and they would have gotten these photos at some point in time. So the best advice is to not put things on the Internet, that you would not want others to see in the first place!