The Fappening hacker gets 8 months in jail for leaking celebrity nudes

The 26-year old hacker is sentenced to 8 months in prison for stealing intimate photos of Jennifer Lawrence and others

George Garofano, The Fappening hacker, is sentenced to 8 months in prison and 3 years of supervised release.

On Wednesday, the federal judge at US district court in Bridgeport has sentenced George Garofano to eight months in prison and three years of supervised release for stealing and exposing nude photographs of Jennifer Lawrence and other celebrities in The Fappening 2014 scandal^[1].

The 26-year-old hacker has managed to access private information stored on iCloud accounts of 240 people, including Hollywood stars. G. Garofano was one of four cybercriminals who hacked into the accounts and stole personal details along with intimate photos of Kate Upton, Jeniffer Lawrence, Kirsten Dunst, and others.

The prosecutors demanded a sentence of 10 to 16 months in federal prison. However, G. Garofano's lawyer asked for leniency and no more than a five-month punishment with a five-month home confinement^[2]. The sentencing memo presented to the court by the prosecutor stated the following:

Mr Garofano’s offense was a serious one. He illegally hacked into his victims’ online accounts, invaded their privacy, and stole their personal information, including private and intimate photos. He did not engage in this conduct on just one occasion. He engaged in this conduct 240 times over the course of 18 months.

The Fappening hacker pleaded guilty in the court

George Garofano pleaded guilty in April and admitted that he hacked 240 iCloud accounts to access private information^[3]. The prosecutor had a solid statement to the court for this offense and emphasized that the attacker not only stole nude photos but also leaked them online:

Not only did Mr Garofano keep for himself the photographs he stole, he disseminated them to other individuals. He may have also sold them to others to earn ‘extra income’.

However, the defense said that the crime was conducted when G. Garofano was still in college. Now, he has matured and taking responsibility for such actions^[4]:

He now stands before the court having matured, accepting responsibility for his actions and having not been in trouble with the law since <…> There is nothing to suggest that he would ever engage in this or any other criminal conduct in the future.

The attacker impersonated Apple's security team to obtain iCloud logins and passwords

G. Garofano explained that he managed to access 240 different iCloud accounts with the help of social engineering tactics and deceptive spam emails. The hacker impersonated Apple's security team and sent fraudulent emails to the potential targets of interest^[5].

The spam emails helped him to collect logins and passwords to iCloud accounts and steal private photographs. Likewise, cybersecurity experts warn to be vigilant and never open suspicious and unverified emails even if they look legitimate. Be cautious to avoid hacking attempts.