FBI Names Second Suspect in the Celebgate Nude Photo Hack, No Arrests Made


In 2014, thousands of iCloud accounts associated with high-profile Hollywood celebrities were hacked with a seemingly singular aim of leaking nude photographs. Considered as one of the biggest security breaches, the hack affected the likes of Kim Kardashian, Kate Upton, and Jennifer Lawrence who eventually became the face of the attack. While there has been a scarcity of updates on the case, a new report suggests that the FBI had identified a second suspect responsible for the hack, but no one is facing any charges.

celebgate jennifer lawrence the fappening

FBI had a second suspect in the "Celebgate" iCloud hack case:

Known as The Fappening or Celebgate, thousands of private iCloud accounts were breached, entire albums stolen and uploaded on 4chan. After the attack, FBI had raided the house of Emilio Herrera in Chicago who faced the allegation of having hacked the iCloud accounts.

between May 31, 2013, and August 31, 2014, his [Herrera's] IP address “was used to access approximately 572 unique iCloud accounts,” and “in total, the unique iCloud accounts were accessed 3,263 times.”

Now, new court documents obtained by Gawker reveal that there was another suspect in the case by the name of Ed Majerczyk, again from Chicago. This particular suspect was alleged to be responsible for lifting private photos from Jennifer Lawrence. According to the court documents, Lawrence lost access to her email account, after which she received an email from appleprivacysecurity@gmail.com that read:

Your Apple ID was used to login into iCloud from an unrecognized device on Wednesday, August 20th, 2014. Operating System: iOS 5.4 Location: Moscow, Russia (IP= If this was you please disregard this message. If this wasn't you for your protection, we recommend you change your password immediately. In order to make sure it is you changing the password, we have given you a one-time passcode, 0184737, to use when resetting your password at http://applesecurity.serveuser.com/. We apologize for the inconvenience and any concerns about your privacy. Apple Privacy Protection.

While Lawrence didn't recall having clicked on the phishing link, FBI's investigation confirmed that the attacks used similar combinations of deceptive web domains and fake security warnings posing to have originated from Apple. Once Majerczyk managed to breach an iCloud account, he would proceed to download the entire photo gallery from the victim's iPhone and share it publicly. The FBI says that Majerczyk accessed 330 unique iCloud accounts over 600 times. However, like Herrera, Majerczyk was also not arrested. According to these documents, and as has been in the public knowledge, JLaw was particularly disturbed by the incident as many of the leaked photos were already deleted by her.

The question being raised now is not how deleted photos were managed to be lifted by the hackers, but rather why there has been no development in the investigation, at least in public knowledge. According to Gawker, there have been no arrests made and FBI spokesperson fails to give any response except that it's a pending investigation.

There is also the question that has been asked for the past year that how someone capable enough of devising a complex phishing campaign failed to hide their own IP addresses. This could also be the reason why no charges have been pressed. It is believed that both Herrera and Majerczyk were simply the escape goats whose computers were infected and used as a proxy for the Celebgate attacks.