Security Experts:

Connect with us

Hi, what are you looking for?


Tracking & Law Enforcement

Celebrity Email Hacker Sentenced to 6 Months in Prison

Andrew Helton, 29, of Portland, Oregon, was sentenced this week to six months in prison for hacking into hundreds of email accounts, including ones belonging to celebrities.

Andrew Helton, 29, of Portland, Oregon, was sentenced this week to six months in prison for hacking into hundreds of email accounts, including ones belonging to celebrities.

Authorities say Helton illegally accessed 363 Apple and Google accounts through a phishing scheme that involved emails asking targeted individuals to “verify” their account by clicking on a link. Those who clicked on the links were taken to fake Apple and Google login pages and instructed to enter their username and password.

According to the Department of Justice, the Oregon man obtained roughly 448 usernames and passwords between March 2011 and May 2013. He used the credentials to steal private information from victims’ accounts, including 161 sexually explicit, nude and partially nude photographs of 13 individuals, some of whom were celebrities.

Helton pleaded guilty in February to one charge of unauthorized access to a protected computer to obtain information, which is a felony violation of the controversial Computer Fraud and Abuse Act (CFAA). He faced 5 years in prison, but a judge sentenced him on Thursday to only six months and ordered him to pay a $3,000 fine. The hacker will start serving his prison sentence on October 11.

“For over two years, Helton targeted unsuspecting victims with phishing e-mails that gave him full access to their private e-mail accounts,” stated U.S. Attorney Eileen M. Decker. “He systematically searched for and stole intimate images and stored them in his own computer for personal use, which meant the victims continued to suffer as a result of his voyeurism. Helton’s crime was a deep invasion of privacy that caused real harm.”

Authorities in the United States have prosecuted several individuals who hacked into celebrity email accounts. One of the longest prison sentences was given in 2012 to a Florida man – Christopher Chaney got ten years after targeting Renee Olstead, Mila Kunis, Scarlett Johansson and others.

New York-based hacker Mir Islam got a 2-year jail sentence earlier this month for doxing public figures, and there are several others awaiting sentencing. The list includes Romanian national Marcel Lazar Lehel, aka Guccifer, Alonzo Knowles from the Bahamas, and Ryan Collins of Pennsylvania, who is one of the people behind the 2014 “Celebgate” hacks. Lehel, Knowles and Collins all pleaded guilty in May. Edward Majerczyk of Illinois was also charged recently for his role in the “Celebgate” scheme.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...


The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


The owner of China-based cryptocurrency exchange Bitzlato was arrested in Miami along with five associates in Europe


Russian Vladislav Klyushin made tens of millions of dollars by hacking into U.S. computer networks to steal insider information.


A hacker who reportedly posed as the CEO of a financial institution claims to have obtained access to the more than 80,000-member database of...


Google Project Zero has disclosed the details of three Samsung phone vulnerabilities that have been exploited by a spyware vendor since when they still...