Man who hacked celebrity email accounts sentenced to prison
Christopher Chaney accessed email accounts of Scarlett Johansson, Mila Kunis, more than 40 others
Computerworld - A man who admitted to illegally accessing email accounts belonging to more than four dozen celebrities to steal their private photos and confidential documents was sentenced to 10 years in federal prison by a U.S. District Court judge in Los Angeles on Monday.
Christopher Chaney, 36, of Jacksonville, Fla. was also ordered to pay a fine of more than $66,000 as restitution for his crimes.
Chaney was arrested in November 2011 and has been in custody since March, when he pleaded guilty to nine felony counts, including unauthorized access to computers and wiretapping. He faced a maximum of more than 120 years in prison.
According to the U.S. Attorney's office in Los Angeles, Chaney gained access to the email accounts of Mika Kunis, Scarlett Johansson, Renee Olstead and dozens of other celebrities by resetting their passwords using the "forgot your password" feature. Chaney apparently used publicly available information on the celebrities to correctly answer the security questions needed to reset the passwords on the Gmail, Apple and Yahoo email accounts they used.
Once he gained access, Chaney looked through the contact lists for more victims. He also changed the account settings on each email account he accessed so he would have a duplicate copy of all incoming mail forwarded to his own email account. That allowed him to receive email meant for the celebrities -- even after they regained control of their accounts.
Chaney collected numerous private photographs, business contracts, letters, scripts, driver's license information and Social Security Numbers. In several instances, he sent emails from the compromised accounts asking for more photographs, the FBI said in a statement.
Many of the photos were then forwarded to gossip sites. Nude pictures of Johansson and photos of other celebrities were later published online by some sites.
Email account hijackings are not uncommon. In 2008, Tennessee college student David Kernell broke into an email account belonging to Alaska Gov. Sarah Palin by resetting her password after guessing the answers to her security questions. He then took screen shots of the contents of several Palin emails and posted the images online. At the time, Palin was the GOP's vice presidential nominee.
As with Chaney, Kernell also used publicly available information about Palin to guess the correct answers to the questions. Kernell was sentenced to a year in prison.
Earlier this year, a hacker claimed that he had gained access to presidential contender Mitt Romney's email account using exactly the same tactic.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is email@example.com.
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- The Pivotal Big Data Suite- Reducing the Risks of Big Data The explosion of big data and the rapid evolution of big data tools and technologies is challenging IT to meet the demands of...
- A Survival Guide for Data in the Wild All corporate data used to reside in the data center. Safe and sound behind the corporate firewall. But now, employees have multiple devices...
- Transforming Security: Designing a State-of-the-Art Extended Team The information security mission is no longer about implementing and operating controls.
- The Big Data Security Analytics Era Is Here New security risks and old security challenges often overwhelm legacy security controls and analytical tools.
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!