What do celebrities (mostly young and female), 4chan, hackers, Bitcoin, and iCloud have in common?

They’re all ingredients of a scandalous Labor Day Weekend, one that was filled with celebrity ‘skin’, outrage, confirmation (and denial)…and now an FBI investigation into the crazy incident that has everyone talking.

But is it the ultimate internet scandal or a sobering reality of the importance of safeguarding your content to reduce the risk of it being stolen? Both.

Before we go into that, however, in a nutshell (and in case you don’t know by now), here’s what happened:

On Sunday, users of the often-controversial message-board 4chan, saw a large trove of nude celebrity pics posted on the /b/ (also known as the ‘random’) thread. The extensive list of celebrity ‘victims’ included Jennifer Lawrence, Kate Upton, Mary Elizabeth Winstead, Kirsten Dunst, Ariana Grande, Kim Kardashian, Victoria Justice and many others. Afterwards, the photos quickly spread to Reddit.

Then the reactions started to come in.

While Jennifer Lawrence didn’t respond herself, here was her spokesman’s reaction (which confirmed the pictures’ legitimacy): “This is a flagrant violation of privacy. The authorities have been contacted and will prosecute anyone who posts the stolen photos of Jennifer Lawrence.”

(Source: Washington Post)

Not surprisingly, many of the celebrities were quick to respond themselves, taking to Twitter, some denying the legitimacy of the photos while others admitting that they were real. Below are some of the celebrity reactions on Twitter.

Actress and singer Victoria Justice took the humorous route as she called ‘her’ pics ‘fake’:

On the other end of the spectrum, actress Mary Elizabeth Winstead took a very serious tone as she confirmed that her stolen photos were real:

And here was Kirsten Dunst’s reaction:

But why is Dunst ‘thanking’ iCloud? And who was behind this ‘leak’? Million-dollar questions. Let’s start with the ‘who’.

It’s still uncertain exactly who the perpetrator (or perpetrators) are. According to reports, 4chan apparently hosted a shady, unorganized ‘black market’ for celebrity photos where users would sell, buy and/or swap these photos and often boast of their ‘collection’. And while some Redditors have put the blame on Bryan Hamade, a 27-year-old man from Georgia, he is ‘vehemently denying’ the claims (he did an interview with BuzzFeed yesterday morning). You can read it here (warning: could have some NSFW content).

Now back to the iCloud bit…

Some 4chan hackers claimed that they exploited a previously-unknown flaw in Apple’s iCloud, more specifically the photos, contacts, and music syncing feature.

After ‘more than 40 hours’ of investigation, however, Apple is claiming that its systems aren’t the ones to blame for the breach, saying that this was a targeted attack on the celebrities rather than a widespread breach. Here is part of their statement: “None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find My iPhone.” For more on Apple’s take, you can read the CNET report here.

Also, as mentioned before, the FBI is now involved. The following is a comment from FBI spokesperson Laura Eimeiller regarding the matter: “[The FBI is] aware of the allegations concerning computer intrusions and the unlawful release of material involving high profile individuals, and is addressing the matter. Any further comment would be inappropriate at this time.”

As this story continues to develop, many of you are probably wondering (and worrying) about the security of your own, personal (and possibly sensitive) information. Some people are arguing that the easiest way to avoid these scandals would be to not take nude selfies in the first place, (NYT Colunmnist Nick Bilton and comedian/actor Ricky Gervais both made similar jokes on Twitter about it – see below), while others are calling that ‘gross advice’ (read Amanda Hess’ Slate article here).

Gervais ended up deleting his Tweet, but here’s what he said originally: “Celebrities, make it harder for hackers to get nude pics of you from your computer by not putting nude pics of yourself on your computer.”

Here was Bilton’s Tweet (he later apologized):

A major takeaway, regardless of your opinion on this matter (or whether you snap revealing pics of yourself on your iPhone), is that many people take internet and mobile security for granted and don’t do enough to protect their personal information.

Here are some general tips safeguarding tips that will help reduce the risk of losing or unwillingly exposing your personal info:

• Malware often targets user log-in details. Use security software to protect yourself, particularly one with a secure web browser. We here at Webroot have found that over 50% of internet traffic stems from mobile devices, and web browsing is the most likely source of attacks.
• Have a different secure password for each place you store important data – pictures, documents, etc. is critical – and change the password often (at least once every few months). This will keep you a step ahead of cyber criminals.
• Watch out for phishing attacks! Never click on a link in an email except from a trusted party. Never enter your login information just because a company sends you an email with a link to a page that looks like the real company page – it could be a fake phishing page.
• Use passwords that are difficult for automated computer programs to crack. Use phrases or even whole short sentences like CowboysNeverbeat49ers!! Change it often.
• Pet names, birth dates, and simple number combinations are not secure passwords, nor a replacement for real-time protection software and basic security practices.

And one tip for Apple iCloud users – Apple is saying that its internal systems aren’t to blame and they’re probably telling the truth. But the fact that iCloud wasn’t breached isn’t an excuse to use a weak password or have a simple (or honest) answer for your security question. Remember, the easier it is for you to log in to an account, the easier it else for somebody else to do so, too.

Oh, an one last thing. Just because you delete a photo from your iPhone doesn’t mean it’s automatically deleted from iCloud (or wherever else you may have stored it). Stay secure!

About the Author

Blog Staff

The Webroot blog offers expert insights and analysis into the latest cybersecurity trends. Whether you’re a home or business user, we’re dedicated to giving you the awareness and knowledge needed to stay ahead of today’s cyber threats.