Yes, celebrities can also be hacked. Everyone can. And they may especially be the main objective, since their personal information is, unfortunately, very valuable because of its great public interest.
In this case we could call the hackers as the new ‘paparazzi’.
In most of these cases they take advantage of the inattention of the user or a security breach, but they also use brute force to obtain the credentials of their personal accounts.
The objective varies depending on each cybercriminal, but there are usually two reasons they do it:
- Extort the victim: asking for financial compensation in exchange for not disclosing the information obtained
- Get popularity: give themselves the credit of having been able to achieve it and ridicule the victim
Here is a list of some cases in which the privacy of celebrities has been compromised.
‘Fappening’ Case: massive filtering of naughty images of famous actors and singers
In 2014 there was a massive leak of intimate photographs of famous people that was called the Fappening movement or “Celeb Gate”.
How did it happen? By the Apple cloud storage service: iCloud.
The hackers used a script developed in Python called iBRUTE. It is a type of attack of ‘Brute Force’, with which you can decipher the key of an account by repetitive attempts until it is revealed.
There’s no need to say that due to the weak passwords, with few characters and composed by very common words, that it became a massive attack.
The attack was perpetrated through a vulnerability in the “Find my iPhone” application that connects to the user’s ID. And also thanks to the fact that iCloud did not take the precaution of blocking those accounts in which a login with repetitive attempts was being made.
The images were published anonymously through the 4chan and Reddit platforms, and although the failure lasted only a couple of days, 300 million users of iCloud were affected. Among them celebrities such as Jennifer Lawrence, Kirsten Dunst, Lea Michele, Kate Upton, Victoria Justice, Arianna Grande or Kaley Cuoco, etc.
Apple patched this vulnerability at 3:20 in the morning and its CEO, Tim Cook, was forced to apologize and promise an improvement in the security of the service. The measures were adopted after a huge financial loss and reputation, a few days before launching the iPhone 6.
Mark Zuckerberg hacked because he had the same password for his social networks
Mark Zuckerberg suffered an identity theft in his social networks. The CEO of Facebook was hacked by the Twitter and Pinterest accounts. His Facebook account, was at least, safe.
The authors acknowledged their authorship: a group of cybercriminals known as OurMine.
In 2012 these hackers managed to get 117 million passwords from the LinkedIn professional network, among them, the creator of Facebook’s credentials. And apparently, Zuckerberg had the same password for his other accounts.
“Hey Mark Zuckerberg, we got access to your Twitter & Instagram & Pinterest, we are just testing your security, please dm us” the hackers tweeted from Zuckerberg’s account, where they even pointed out the password they had obtained.
All the tweets were deleted moments later, but not before changing the name of his Pinterest account, which they called “Hacked By OurMine Team”.
The Sony case: a movie makes North Korea angry
It is said that North Korea was behind this massive computer attack. It is also said it was because of a satirical movie about its leader Kim Jong-Un, ‘The Interview’, a film produced by Sony Pictures Entertainment.
In the attack, committed in November 2014, the hackers stole personal data from all Sony studio employees and company contracts, as well as email content and up to five movies.
And due to the fact that Sony is a movie studio, those affected were some of the most famous in the world.
Actually, among the data leaked by the cybercriminals, was the salary of the protagonists of the film: Seth Rogers earned $8.4 M (€6.79 M) and James Franco, 6.5 (€5.25 M).
The hackers, who call themselves GOP (Guardians of Peace), stole from the servers of Sony Pictures promotion data of some films, and among them the addresses and telephones of all the staff involved.
Also, they exposed the names that celebrities use to protect their privacy: Tom Hanks, introduces himself as Harry Lauder or Johnny Madrid; Sarah Michelle Gellar is Neely O’Hara; Natalie Portman introduces herself as Laura Brown; Clive Owen is Robert Fenton; Jessica Alba appears as Cash Money, and Daniel Craig is Olwen Williams.
In addition to this information, the Social Security numbers of more than 47,000 people related to the company were poured into the Network. Among them, the actor Sylvester Stallone, the television presenter Conan O’Brien and the director Judd Apatow.
Instagram Case: Selena Gómez and Justin Bieber (among others)
The social network Instagram was the victim of an error in the code of the interface, in which the criminals took advantage of the failure in the API to steal the data of more than six million users and multiple celebrities.
Although according to the company, amongst the hacked information no account passwords were found, telephone numbers and e-mail addresses did appear.
The confirmation of the bug was announced by Instagram two days after Selena Gómez suffered a hack in her account. The singer, with 125 million followers, closed her account after the publication of some photographs taken in 2015 of her ex-boyfriend Justin Bieber nude. The security of the account was restored hours later and remains active since then.
In addition, other celebrities were also victims of this cyber-incident like Emma Watson, Emilia Clarke, Leonardo DiCaprio, Harry Styles, Victoria Beckham, Beyoncé, Taylor Swift, Floyd Mayweather and David Beckham, among others.
What is clear is that nobody is totally safe and that in terms of cybersecurity, every little precaution is vital.
- Phishing in social networks: do not trust your friends - August 29, 2018
- Mr Robot: cyber security lessons at home and from the sofa - April 11, 2018
- No one is safe from cyberattacks, and celebrities are no exception - April 4, 2018