Cops: Hacker posted stolen X-rated pics on Facebook
IDG News Service - A 23-year-old California man was expected to appear in court Tuesday, after police say he broke into the Web mail accounts of more than 3,000 women and posted sexually explicit images of many of them on Facebook.
George Samuel Bronk was arrested Friday following an investigation involving federal authorities and the California Highway Patrol's Computer Crimes Investigation Unit. He is set to be arraigned Tuesday afternoon in Sacramento County Court.
Investigators were tipped off after a Connecticut woman contacted local police saying that someone had posted sexually explicit photographs of her to her Facebook page. The photos had apparently been taken from a hacked Web mail account.
Investigators then linked the IP (Internet Protocol) address used to access the hacked accounts to Bronk's computer. They raided his Citrus Heights, California, home on Sept. 24 and discovered evidence that there may be thousands of victims, according to Sergeant Kelly Dixon, of the CHP's Computer Crimes Unit. Police also found images of child pornography on the computer, he added.
The case shows how the information stored on social media sites can be misused, and ultimately turned against victims. Police believe that Bronk broke into about 3,200 Web mail accounts by guessing the answers to password reset questions used by services such as Gmail, Yahoo Mail and Microsoft's Hotmail. "He didn't know any of them; he just apparently had a lot of time on his hands," Dixon said. "He would just search Facebook, look at females, and glean information."
He allegedly found the sexually explicit photos stored in the Web mail accounts, and then used his control over the victim's email address to access Facebook.
Police have now positively identified 20 victims, but are sill looking for more. They believe that Bronk posted images to between 170 and 176 Facebook pages, and also e-mailed them to the victim's friends.
Some of the photos were "very sexually explicit," and at least one case involves a video, Dixon said. "The victims that have been contacted were mortified," he said.
The California Office of the Attorney General is attempting to locate victims, Dixon said.
Bronk is facing a 30-count indictment that charges him with hacking, possession of child pornography and felony impersonation. He could not immediately be reached for comment.
Computer security experts have known for years that the password security questions that Bronk is alleged to have guessed are a weak link in online security. In 2008, a college student named David Kernell guessed the answer to some of these questions using information he'd found on the Internet and was able to break into the Yahoo Mail account of Alaska Governor Sarah Palin. Kernell is set to be sentenced for that crime in Nov. 12.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts