LOS ANGELES (WHTM) – A central Pennsylvania man is facing up to five years in prison for hacking the iCloud and Gmail accounts of more than 100 people, most of them female celebrities.
Ryan Collins, 36, of Lancaster, has agreed to plead guilty to a felony count of computer fraud, according to the office of Eileen Decker, U.S. Attorney for the Central District of California.
The case will be transferred case to Harrisburg for his plea and sentencing.
Central Penn IT professor Harve Tannenbaum say it’s not just celebrities who are at risk.
“This can happen to everyday right people,” says Tannenbaum. “We just don’t hear about it unless you are an A-list person.”
According to the plea agreement, Collins from November 2012 to September 2014 used a so-called “phishing” scheme, sending emails that appeared to be from Apple or Google, and asked recipients to provide their usernames and passwords. He then illegally accessed the accounts and downloaded nude photographs, videos, and personal information.
The stolen images were posted on a website, but it’s not clear how they got there.
Decker’s office said the charge against Collins stemmed from an investigation into leaks of celebrity photographs in September 2014, but investigators have not linked Collins to the leaks and there’s no evidence he shared what he downloaded.
Authorities said he broke into at least 50 iCloud accounts and 72 Gmail accounts, most of which belonged to female celebrities.
Security expert John Sancenito says don’t take the bait.
“Be very suspicious of any email that comes in asking to reset the password,” says Sancenito. “If you are not sure don’t follow the link or respond to the email.”
Sancenito also says that we can make a better effort to protect ourselves by creating passwords with at least eight characters, including one upper case and one lowercase letter and at least one number and one special character.
Collins’ plea agreement calls for 18 months in prison but judges here in Pennsylvania will not be bound to the agreement.