Brian Jackson - Fotolia

A second US man pleads guilty to hacking celebrity accounts

A second US hacker faces five years in jail after a guilty plea for hacking into celebrity accounts and stealing private images that were leaked online in 2014

A second US man has pleaded guilty to gaining authorised access to celebrity iCloud and Gmail accounts and stealing nude images that were leaked online in 2014.

Edward Majerczyk (28) of Chicago, Ilinois used similar methods as Ryan Collins (36) of Lancaster, Pennsylvania, but US authorities have not made any connections between the two men.

Although both used phishing emails to trick celebrities into divulging their passwords, neither have been linked to leaking stolen private images and videos online.

Police investigations into the online leaks that involved more than 100 celebrities, including Rihanna and Jennifer Lawrence, led to the arrest of Majerczyk and Collins.

Collins targeted victims with emails that appeared to come from Apple and Google to get their log-in details, while Majerczyk’s sent messages that looked like security warnings from internet service providers that tricked victims into visiting malicious websites designed to steal log-in information.

Collins is believed to have accessed at least 50 iCloud accounts and 72 Gmail accounts between November 2012 and September 2014.

Majerczyk is believed to have stolen the log-in credentials more than 300 Apple iCloud and Gmail accounts between November 2013 and August 2014, including those of around 30 celebrities, according to a statement by the US Attorney’s Office.

 “Hacking of online accounts to steal personal information is not merely an intrusion of an individual’s privacy but is a serious violation of federal law,” said US Attorney Eileen Decker. “Defendant’s conduct was a profound intrusion into the privacy of his victims and created vulnerabilities at multiple online service providers.”

Read more about two-factor authentication

Both Majerczyk and Collins – who pleaded guilty in March 2016 – could face up to five years in jail. They also face a fine of up to $250,000 and may have to pay compensation to their victims.

When the images were leaked online, security commentators said the incident underlined the importance of using two-factor authentication for online accounts, which will help keep hackers out even if passwords are compromised.

Following the compromise of the celebrities’ iCloud accounts, Apple recommended users choose a strong password and enable two-factor authentication. Apple also announced that it would alert users through email and push notifications when any changes to account settings were made.

Read more on Privacy and data protection