An application and affidavit for a federal search warrant was recently unsealed in connection with last fall's theft of several celebrities' personal photos from Apple's iCloud service.
"After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet," Apple acknowledged in a statement at the time.
In the recently unsealed affidavit, which was first published by Gawker, FBI special agent Josh E. Sadowsky stated, "The FBI is currently investigating online leaks of private photographs, including nude and sexually explicit photographs of dozens of female celebrities -- including victims A.S., C.H., H.S., J.M., O.W., A.K., E.B., and A.H. -- that began on or about August 31, 2014, and which are ongoing."
Sadowsky reviewed AT&T Internet subscriber information for the IP address 220.127.116.11, which was linked to Chicago resident Emilio Herrera. After reviewing Apple records related to that IP address, Sadowsky determined that the IP was used to access approximately 572 unique iCloud accounts, several of them the accounts of celebrities who had photos leaked online. The same IP address was also used to attempt to reset 1,987 unique iCloud account passwords.
According to Gawker, Emilio Herrera's residence was searched on October 15, 2014, and several computers, mobile phones, and storage devices were seized.
Still, as The Register notes, Herrera has not been charged, nor is he considered a suspect at this point.
"We are increasingly seeing the consumerization of hacking tools and techniques, which when paired with the vast amount of data available about us in the cloud can have disastrous impact on individuals," Tripwire senior security analyst Ken Westin told eSecurity Planet by email.
"Attackers today only need a modicum of technical skill and a bit of malicious intent and they can harvest large quantities of data about individuals, not just public information but also private," Westin added.