Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Ex-Virginia Teacher Charged in 2014 ‘Celebgate’ Hacking

A former Virginia high school teacher is the fifth person charged in an investigation into the 2014 “celebgate” scandal in which hackers obtained nude photographs and other private information from more than 200 people, including celebrities.

A former Virginia high school teacher is the fifth person charged in an investigation into the 2014 “celebgate” scandal in which hackers obtained nude photographs and other private information from more than 200 people, including celebrities.

Documents filed in federal court show that Christopher Brannan, 30, a former teacher at Lee-Davis High School, has agreed to plead guilty to charges of aggravated identity theft and unauthorized access to a protected computer.

The case was originally filed in Los Angeles, but was transferred to Virginia, where Brannan lives.

Thom Mrozek, a spokesman for the U.S. Attorney’s Office in Los Angeles, confirmed Wednesday that Brannan is charged in the “celebgate” investigation.

Mrozek would not release the names of the celebrities. But at the time, actress Jennifer Lawrence acknowledged that she was a victim of the hack.

Mrozek said prosecutors have linked Brannan to the hacking, but not to the leak of nude photographs in 2014.

Lawrence contacted authorities after naked photos of her began appearing online. Actress Mary Elizabeth Winstead also confirmed that nude photos of her were posted online.

Under a plea agreement, Brannan’s lawyer and prosecutors will recommend a prison sentence of nearly three years. A hearing is scheduled Monday in Richmond.

Advertisement. Scroll to continue reading.

A statement of facts filed with Brannan’s plea agreement says that between August 2013 and October 2014, in Los Angeles County, Virginia and elsewhere, Brannan hacked into internet and email accounts, including Apple iCloud, Yahoo! and Facebook. He was then able to obtain iCloud backups, photographs and other private information belonging to the victims.

The statement said Brannan would gain access to accounts by researching the social media accounts of victims to learn answers to their security questions to access their email accounts.

Brannan also admitted using fraudulent email addresses designed to look like Apple Inc. security accounts. The emails would ask the victims to provide their usernames and passwords to their internet accounts.

Because the emails appeared to be from Apple, the victims would provide the information. Brannan would then use it to access the victims’ email accounts, where he obtained personal information, such as “sensitive and private photographs and videos.”

Court documents do not include the names of the victims. A spokesman for prosecutors said the victims’ names will not be released.

Brannan could not immediately be reached for comment. His lawyer, Abraham Del Rio III, did not respond to requests for comment.

Joshua Stueve, a spokesman for U.S. Attorney G. Zachary Terwilliger, said prosecutors will not release the names of the victims to protect their privacy.

Chris Whitley, a spokesman for Hanover County Public Schools, said Brannan worked at Lee-Davis High School in Mechanicsville, just outside Richmond, from August 2013 to June 2015.

Whitley told the Richmond Times-Dispatch that Brannan was immediately put on administrative leave in January 2015 after school officials were notified by the FBI of an investigation. He said school officials were not given details about the nature of the investigation.

Court documents say Brannan has also admitted hacking or trying to hack accounts of current and former teachers and students at the high school.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.