A former Virginia high school teacher is the fifth person charged in an investigation into the 2014 “celebgate” scandal in which hackers obtained nude photographs and other private information from more than 200 people, including celebrities.
Documents filed in federal court show that Christopher Brannan, 30, a former teacher at Lee-Davis High School, has agreed to plead guilty to charges of aggravated identity theft and unauthorized access to a protected computer.
The case was originally filed in Los Angeles, but was transferred to Virginia, where Brannan lives.
Thom Mrozek, a spokesman for the U.S. Attorney’s Office in Los Angeles, confirmed Wednesday that Brannan is charged in the “celebgate” investigation.
Mrozek would not release the names of the celebrities. But at the time, actress Jennifer Lawrence acknowledged that she was a victim of the hack.
Mrozek said prosecutors have linked Brannan to the hacking, but not to the leak of nude photographs in 2014.
Lawrence contacted authorities after naked photos of her began appearing online. Actress Mary Elizabeth Winstead also confirmed that nude photos of her were posted online.
Under a plea agreement, Brannan’s lawyer and prosecutors will recommend a prison sentence of nearly three years. A hearing is scheduled Monday in Richmond.
A statement of facts filed with Brannan’s plea agreement says that between August 2013 and October 2014, in Los Angeles County, Virginia and elsewhere, Brannan hacked into internet and email accounts, including Apple iCloud, Yahoo! and Facebook. He was then able to obtain iCloud backups, photographs and other private information belonging to the victims.
The statement said Brannan would gain access to accounts by researching the social media accounts of victims to learn answers to their security questions to access their email accounts.
Brannan also admitted using fraudulent email addresses designed to look like Apple Inc. security accounts. The emails would ask the victims to provide their usernames and passwords to their internet accounts.
Because the emails appeared to be from Apple, the victims would provide the information. Brannan would then use it to access the victims’ email accounts, where he obtained personal information, such as “sensitive and private photographs and videos.”
Court documents do not include the names of the victims. A spokesman for prosecutors said the victims’ names will not be released.
Brannan could not immediately be reached for comment. His lawyer, Abraham Del Rio III, did not respond to requests for comment.
Joshua Stueve, a spokesman for U.S. Attorney G. Zachary Terwilliger, said prosecutors will not release the names of the victims to protect their privacy.
Chris Whitley, a spokesman for Hanover County Public Schools, said Brannan worked at Lee-Davis High School in Mechanicsville, just outside Richmond, from August 2013 to June 2015.
Whitley told the Richmond Times-Dispatch that Brannan was immediately put on administrative leave in January 2015 after school officials were notified by the FBI of an investigation. He said school officials were not given details about the nature of the investigation.
Court documents say Brannan has also admitted hacking or trying to hack accounts of current and former teachers and students at the high school.

More from Associated Press
- Researchers Discover Attempt to Infect Leading Egyptian Opposition Politician With Predator Spyware
- UK’s New Online Safety Law Adds to Crackdown on Big Tech Companies
- MGM Resorts Computers Back Up After 10 Days as Analysts Eye Effects of Casino Cyberattacks
- California Law Restricting Companies’ Use of Information From Kids Online Is Halted by Federal Judge
- Two Vegas Casinos Fell Victim to Cyberattacks, Shattering the Image of Impenetrable Casino Security
- TikTok Is Hit With $368 Million Fine Under Europe’s Strict Data Privacy Rules
- Imagine Making Shadowy Data Brokers Erase Your Personal Info. Californians May Soon Live the Dream
- California Settles With Google Over Location Privacy Practices for $93 Million
Latest News
- Verisoul Raises $3.25 Million in Seed Funding to Detect Fake Users
- Lumu Raises $30 Million for Threat Detection and Response Platform
- Government Shutdown Could Bench 80% of CISA Staff
- Moving From Qualitative to Quantitative Cyber Risk Modeling
- Cisco Warns of IOS Software Zero-Day Exploitation Attempts
- Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits
- Sysdig Launches Realtime Attack Graph for Cloud Environments
- Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor
