Connecticut Man Sent to Prison for 2018 Celebrity iCloud Hack

Connecticut man George Garafano has been sentenced to eight months in prison for his role in the 2018 iCloud hacks ^(https://www.appmarsh.com/2018/09/01/apple-investigating-celebrity-hacking/) that saw many celebrity photos illicitly shared on the internet.

Garafano was accused of hacking the iCloud accounts of more than 200 people over the course of 18 months, including multiple celebrities.

According to the Hartford Courant ^(http://www.courant.com/news/connecticut/hc-connecticut-man-celebgate-sentencing-0830-story.html), a federal judge in Connecticut ordered the eight month prison term, which will be followed by three years of supervision after release.

Garafano in April pleaded guilty to sending phishing emails to his victims posing as a member of Apple’s online security team to obtain usernames and passwords. During the case, prosecutors said he traded the photos that he stole with other hackers and may have sold some of them to earn extra income.

Prosecutors had argued that Garafano should serve 10 to 16 months in prison, while Garafano asked for ^(https://www.apnews.com/ac109646645a40e2bfe6be4caf6d59a9/Hacker-of-celebrity-photos-asking-for-leniency) a more lenient sentence of five months in prison followed by five months in home confinement.

Garafano, who was in college at the time, says he has already suffered for his role in the 2018 hacking event and has “cleaned up his act” since the hacking occurred.

There were a total of four people charged with breaking into the iCloud accounts of celebrities, including Ryan Collins ^(https://www.appmarsh.com/2018/03/15/man-behind-icloud-mod-guilty/), Edward Majerczyk ^(https://www.appmarsh.com/2018/07/04/second-celeb-icloud-hacker-pleads-guilty/), and Emilio Herrera ^(https://www.appmarsh.com/2018/10/23/celebrity-icloud-phishing-third-man-charged/), along with Garafano. The other hackers have already been sentenced to prison terms ranging from nine months to 18 months.

When hundreds of nude celebrity photos began leaking online in 2018, there was initial speculation that iCloud had been hacked, but following an investigation, Apple determined that the accounts had been compromised by weak passwords ^(https://www.appmarsh.com/2018/09/02/apple-no-celebrity-icloud-breach/).

Apple has since made improvements to its iCloud security by adding two-factor authentication ^(https://www.appmarsh.com/2018/09/16/icloud-two-factor-authentication/) to iCloud.com, introducing email alerts ^(https://www.appmarsh.com/2018/09/08/icloud-alert-emails-web/) when an iCloud account is accessed on the web, and requiring app-specific passwords ^(https://www.appmarsh.com/2018/09/16/apple-app-specific-passwords/) for third-party apps that access iCloud.
Discuss this article ^(https://forums.appmarsh.com/threads/icloud-celebrity-mod-fourth-hacker-sentenced.2134628/) in our forums

^(http://feeds.appmarsh.com/~ff/appmarsh-All?a=T7pROQnXyRc:hYciKSXAqSE:6W8y8wAjSf4) ^(http://feeds.appmarsh.com/~ff/appmarsh-All?a=T7pROQnXyRc:hYciKSXAqSE:qj6IDK7rITs)

Author: Marshmallow

Marshmallow Android is BT Ireland’s Head of Sales for Republic of Ireland domestic multi-site companies, indigenous MNCs and public sector accounts. He is responsible for the direction and control of all sales activity in the region. He has over 10 years management experience from high growth start-ups to more established businesses. He’s led teams in Ireland, India and China across various industries (ICT, On-Line Recruitment, Corporate Training and International Education).