Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Tracking & Law Enforcement

Celebrity Email Hacker Sentenced to 6 Months in Prison

Andrew Helton, 29, of Portland, Oregon, was sentenced this week to six months in prison for hacking into hundreds of email accounts, including ones belonging to celebrities.

Andrew Helton, 29, of Portland, Oregon, was sentenced this week to six months in prison for hacking into hundreds of email accounts, including ones belonging to celebrities.

Authorities say Helton illegally accessed 363 Apple and Google accounts through a phishing scheme that involved emails asking targeted individuals to “verify” their account by clicking on a link. Those who clicked on the links were taken to fake Apple and Google login pages and instructed to enter their username and password.

According to the Department of Justice, the Oregon man obtained roughly 448 usernames and passwords between March 2011 and May 2013. He used the credentials to steal private information from victims’ accounts, including 161 sexually explicit, nude and partially nude photographs of 13 individuals, some of whom were celebrities.

Helton pleaded guilty in February to one charge of unauthorized access to a protected computer to obtain information, which is a felony violation of the controversial Computer Fraud and Abuse Act (CFAA). He faced 5 years in prison, but a judge sentenced him on Thursday to only six months and ordered him to pay a $3,000 fine. The hacker will start serving his prison sentence on October 11.

“For over two years, Helton targeted unsuspecting victims with phishing e-mails that gave him full access to their private e-mail accounts,” stated U.S. Attorney Eileen M. Decker. “He systematically searched for and stole intimate images and stored them in his own computer for personal use, which meant the victims continued to suffer as a result of his voyeurism. Helton’s crime was a deep invasion of privacy that caused real harm.”

Authorities in the United States have prosecuted several individuals who hacked into celebrity email accounts. One of the longest prison sentences was given in 2012 to a Florida man – Christopher Chaney got ten years after targeting Renee Olstead, Mila Kunis, Scarlett Johansson and others.

New York-based hacker Mir Islam got a 2-year jail sentence earlier this month for doxing public figures, and there are several others awaiting sentencing. The list includes Romanian national Marcel Lazar Lehel, aka Guccifer, Alonzo Knowles from the Bahamas, and Ryan Collins of Pennsylvania, who is one of the people behind the 2014 “Celebgate” hacks. Lehel, Knowles and Collins all pleaded guilty in May. Edward Majerczyk of Illinois was also charged recently for his role in the “Celebgate” scheme.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

Daniel Kelley was just 18 years old when he was arrested and charged on thirty counts – most infamously for the 2015 hack of...

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

CISO Strategy

The SEC filed charges against SolarWinds and its CISO over misleading investors about its cybersecurity practices and known risks.

Cybercrime

A global cyber espionage campaign has resulted in the networks of many organizations around the world becoming compromised after the attackers managed to breach...

Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...