Celebrities losing their personal data to cybercriminals has been very much in the news recently. But it’s not just starlets having their personal photographs stolen (see item 1) – celebrity data is valuable and hackers can turn everything that’s private, from emails to credit ratings, into money or notoriety.
Let’s take a look at some of the worst cases celebrity privacy hacks and data loss…
Unless you live in a hole in the ground you must have heard of this one. Mainly nude, but always personal, photos have been swiped illegally and posted to the internet.
It seems that some of the victims at least had naked photographs stolen from iCloud accounts compromised by targeted password-guessing. The abuse is still going on, the perpetrators haven’t been caught and more women are falling victim as time goes on.
2. Unreleased songs by Lady Gaga, Justin Timberlake and 50 other pop stars leaked online
Ms Gaga and around 50 others, including Justin Timberlake, Ke$ha and Kelly Clarkson had their computers infected with malware that was used to steal data including credit card details, photos, email and unreleased songs.
Two young hackers from Germany were behind the theft, apparently for financial gain: unpublished music can fetch 5-figure sums, according to authorities, says Deutsche Welle, but blackmail may also have been a motive.
The older lad, aged 23 at the time of the crime in 2010, was handed an 18-month suspended sentence, while the 17-year-old was given the same at a young offenders’ institute.
3. Bank details and more published about Beyoncé, Jay-Z, Michelle Obama, and 15 other public figures
Personal information and credit reports, which often include details of social security numbers, mortgages, addresses, credit card and bank accounts, of an A-list cast were published on a website by hackers in March 2013.
The leak came via a credit report company, annualcreditreport.com, which was compromised by means unknown. It’s unclear if this was a straightforward hack, or whether the hackers were able to collect enough information about their targets from the web to impersonate them and gain access to their credit histories.
While financial gain is an obvious motive in this case, as with most cases of public hacking, bragging rights plays a big part.
The other thing to note when breaches like this go public is the huge number of people who jump on the bandwagon, distributing malware via booby-trapped sites and downloads aimed at compromising those of us who go searching for the illegal files on the internet.
4. Miley Cyrus had photos stolen from email account and published
This is an interesting one on several levels.
Firstly, in 2008 the little pop icon was just 15 years old. The photos stolen from Miley were not nude ones, but were ‘provocative’, showing her baring her midriff in the shower and posing sexily in her underwear.
Like many teens, she naively used the same password on her Gmail account as her MySpace one.
19-year-old Josh Holly, professional bragger and celebrity hacker, obtained access to Miley’s (and others’) MySpace account details by impersonating a MySpace worker on instant messenger and requesting access to the site’s back-end.
Holly tried Miss Cyrus’s password on her Gmail account and found her photos, downloaded them, and eventually managed to get someone to publish them. Then the floodgates opened and other celebrity gossip websites happily posted them too.
Holly was caught after he just wouldn’t shut up about it, according to another hacker named Padillac, “acting like an attention starved 8-year old”.
Holly was sentenced to 3 years probation for computer crimes – though not for his Cyrus hack – after pleading guilty to possessing about 200 stolen credit card numbers, as well as breaching celebrity MySpace pages in a spamming scheme that earned him at least $100,000.
5. Scarlett Johannson, Mila Kunis and others had nude photos and lurid texts published online
Around 50 superstars in ‘Operation Hackerazzi’ suffered a gross breach of privacy after a hacker accessed their email accounts and stole nude photos as well as lurid text messages and emails.
Two online gossip sites were happy to publish them.
Christopher Chaney was reported to have changed the celebrities’ email settings, forwarding a copy of incoming messages automatically to an email address he had access to (even if they smelled a rat and changed their passwords).
Incidentally, his trick of getting happy with the password reset feature, coupled with identifying information he found about his targets on the internet, was also used by other criminals to hack Sarah Palin and Paris Hilton’s accounts.
Although Chaney drew a whopping 10 years’ jail time from his crimes, we haven’t heard of repercussions on the gossip sites that willingly went public with the stolen material.
Bonus: Nude Carla Bruni photos snared diplomats at the 2011 G20 Summit
This deserves a mention as a prime example of how the lure of illegally acquired, exclusive, or explicit content can trip any of us up.
That includes high-value espionage targets such as diplomats, who you’d hope would know better.
Nude photos of Carla Bruni from her days as a model and before she became the wife of the French President Nicolas Sarkozy, were used in an attack against the world’s leaders at the G20 Summit.
At the summit, they each received the tantalising but Trojan-carrying email stating:
To see naked pictures of Carla Bruni click here
At the time of the Summit, Ms Bruni was the French First Lady. “Almost everybody who received the email took the bait,” said a government source in Paris, saying that this included representatives from the Czech Republic, Portugal, Bulgaria, Hungary and Latvia.
It was later reported that Chinese hackers were behind the breach, who also allegedly launched other cyberattacks on members of the Summit in their efforts to acquire global intelligence and financial gain.
It’s not just celebrities at risk – your personal and business information has a value and it can be sold and abused too.
It’s your right to take naked photos of yourself, but keeping digital photos private and under your control can be difficult, particularly if you share them.
- Remember, you are a target
- Use strong passwords everywhere
- Use a different password for every website
- Use two-factor authentication wherever you can
Here’s a short and straight-talking video that not only shows you how to pick a proper password, but also explains why you should bother:
→ Can’t view the video on this page? Watch directly from YouTube. Can’t hear the audio? Click on the Captions icon for closed captions.