Another Round of Celebrities Become the Victims of Cloud Hacks Exposing Nude Photos

Media Division | August 23, 2017

Cloud storage has been an absolutely beneficial service for people all around the globe. It allows us to store large amounts of data without having to keep it all on our devices, which enables us to free up some of the space. And while it has been a valuable service, it has also put a lot of data at risk to cyber attacks and breaches. This has been borne out by numerous cloud hacks resulting in stolen data. Some of best examples of this have been the large scale celebrity nude leaks that have occurred, colloquially coined as “The Fappening,” of which there were two incidents. Well, this type of cyber attack continues to occur, with the most recent incident involving nude photos of Kristen Stewart, Tiger Woods, and Miley Cyrus.

Details of the Hacks and How the Celebrities are Handling It

Now, just to be clear, these types of cloud hacks are typically not brute force assaults upon accounts. Rather, they tend to begin with targeted phishing attacks aimed at celebrities. Once the hacker has been successful with their phishing campaign, they use stolen credentials to either directly access the cloud account, or the person’s email to obtain cloud passwords. The latest incident began with nude photos of Miley Cyrus and Tiger Woods being leaked on the website Celeb Jihad. This site is a common ground for nude celebrity photo leaks. Later on, nude photos of Kristen Stewart appeared online that are apparently the work of the same perpetrator. Several of the celebrities have lawyered up, including Woods and Stewart. Legal teams have been contacting sites that posted the pictures to have them removed. Stewart’s case is going with copyright infringement, being that by having taken the photos, they have copyright over them. As far as tracing the perpetrator, there do not seem to be any leads in regard to these attacks.

There is a point to be made here for defending yourself from these types of attacks, and there are a few different methods that you can do this. First off, there is the factor of a strong password. Far too many people tend to have very simplistic passwords or use the same password for every account. Simple and widely used passwords make it easier for cyber criminals to obtain or guess them, as well as use them in widespread unauthorized access. Make sure that your password is complex enough to actually be secure. In addition, two-factor authentication can be another great way to bolster the security of your accounts. This can vary for different sites, but it could include a text sent to your phone with a randomly generated number that has to be entered along with your password to access an account.

The Value of Anti-Phishing Solutions

As mentioned above, attacks like the one being discussed often occur as a result of phishing. This is when an attacker cleverly designs an email that purports them as someone else. The entities that they will impersonate are numerous. They may even impersonate a close friend or a representative from a reputable company. Phishing campaigns are one of the most common forms of cyber attacks out there, and organizations must have anti-phishing solutions in place to defend themselves. This heading can include a number of things, such as educating employees about phishing indicators and security methods to prevent unauthorized access. But, there is another side to it as well, which would be mitigation tactics in the event of a successful attack, which includes tasks like expelling the immediate threat, handling any data breach, eliminating the campaign, and tracing the source. Organizations often do not have the resources to complete several of these steps by themselves, which is where outside assistance can be beneficial. Massive Alliance offers comprehensive anti-phishing solutions that can help organizations defend themselves or remediate an attack that has already occurred.

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.