It has been several years since “Celebgate” was a thing. The massive data breach was major news for quite some time.
But now, years later, the legal workings are just finishing up. As was first reported by AppleInsider on Friday, former high school teacher Christopher Brannan has been sentenced to 34 months for his part taken in the hacking scheme. Brannan was charged with aggravated identity theft and unauthorized access to a protected computer. The legal documentation reveals that Brannan accessed upwards of 200 separate accounts, including celebrities and non-celebrities, from Yahoo!, Facebook, iCloud, and more.
Utilizing phishing email accounts, Brannan was able to obtain the content of iCloud accounts, full iCloud backups, photographs, and much more. Those phishing emails were designed to look like legitimate emails from Apple, and Brannan used information he gathered from Facebook to bypass security measures in other accounts.
When the photos initially leaked, it was believed that the hack was made possible due to a vulnerability in Apple’s security implementation for iCloud. However, after investigation, it was revealed that the scammers used phishing emails to get the account credentials of celebrities which along with a weak password and the lack of two-factor authentication made their job easier.
While Apple has consistently been focused on security and data privacy, there is no doubt that following the “Celebgate” issue the company went full-tilt. Now, Apple talks about data privacy and user security on a semi-regular basis, especially as it relates to health.
Several different people were charged with the celebrity hack, including Brannan. Another of the group was Ryan Collins of Pennsylvania, who, at the time, faced upwards of five years in prison.