FBI: 600 Accounts Breached in Celeb Nude Photo Hack, Investigation Leads to Chicago

AP Photo/Andy Wong
AP Photo/Andy Wong

A federal investigation into last summer’s celebrity nude photo hack led agents to a residence on the South Side of Chicago, and revealed the number of targeted victims to be much larger than previously thought.

Last August, nude photos of more than 100 celebrities suddenly began appearing online, after their Apple iCloud accounts were compromised. Images of stars like Jennifer Lawrence, Kate Upton, and Kaley Cuoco were then distributed on numerous websites, after first appearing on 4chan.

A representative for Lawrence, arguably the biggest star to fall victim to the hack, said at the time: “The authorities have been contacted and will prosecute anyone who posts the stolen photos.”

The scandal was quickly deemed “Celebgate” online.

According to newly released court documents obtained by NBC News, an investigation by the FBI’s Cybercrimes Unit revealed someone using a single computer in Chicago infiltrated nearly 600 such accounts, and a trail of digital evidence led investigators to a house owned by a man named Jesus Herrera.

The Bureau said its investigation found that a computer linked to two email addresses belonging to 30-year-old Emilio Herrera accessed the hacked accounts, according to a search warrant affidavit from October 2014, which was recently unsealed in U.S. District Court in Chicago.

Investigators were given a warrant to search Herrera’s home, but it is unknown what was found, and he was not named as a suspect in documents.

NBC reports IP and email addresses can be masked or manipulated through numerous technologies, and Internet data can be routed through third-party computers without their owners’ knowledge, “using any of a number of software packages.”

The suspected computer address was used to access 572 unique iCloud accounts about six times apiece, and attempted 5,000 iCoud password resets to 1,987 other accounts, according to the affidavit, as reported by NBC.

In all, roughly 2,500 accounts were targeted.

After an internal investigation, Apple concluded last September that its servers were secure, and blamed the attack on users’ failure to properly secure their passwords, usernames and security questions.

“After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack,” the company said.

“None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved,” the tech giant added.

No additional documents have been released, and the investigation remains ongoing.


Please let us know if you're having issues with commenting.