21-year-old woman charged with hacking Selena Gomez

Secret password-reset questions were too easy to answer with public information.

21-year-old woman charged with hacking Selena Gomez

Popstar Selena Gomez (138 million followers on Instagram, and counting…) had her account hacked last August.

It’s pretty embarrassing to have your Instagram account hacked, of course. But it’s even worse when the hacker chooses to publish nude snaps of your ex-boyfriend.

Especially if that ex goes by the name of Justin Bieber. Yeowch!!

Bieber snap

A carefully-censored image of Selena Gomez’s Instagram account from late August 2017.

Now, a 21-year-old woman from New Jersey has been charged in connection with hacks of the email accounts of Selena Gomez and one of her associates.

According to the LA Times, Susan Atrach is believed to have broken into an Apple iCloud account and Yahoo account used by Gomez and her personal assistant.

And it’s reported that once again, a hacker is thought to have reset a celebrity’s password by using publicly-available information to answer “secret questions”.

Atrach is accused of gaining unauthorised access to the accounts several times from June 2015 through to February 2016, allegedly stealing digital content which was then posted online and shared with other people.

If convicted, Atrach could face a maximum possible sentence of nine years and eight months in a state prison.

All of us - celebrities and non-celebrities - should do all we can to prevent our private personal photographs from falling into the wrong hands.

That means:

  • Choosing a strong, hard-to-crack password for online accounts
  • Choosing a unique, different password
  • Not sharing passwords with other people
  • Enabling two-step verification or two-factor authentication when available, ensuring that hackers won’t be able to break into accounts by only knowing its password
  • Not choosing easy-to-guess answers to secret “Forgot your password?” questions
  • Being aware of phishing threats, and ensuring up-to-date security software is always being run
  • Being wary of delegating others (an assistant?) from accessing online accounts on your behalf

If you want to know more about securing your web email accounts be sure to listen to this edition of the Smashing Security podcast:

Smashing Security #014: ‘Protecting webmail’

Listen on Apple Podcasts | Google Podcasts | RSS for you nerds.

Tags: , , , , ,

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts

, , , , ,

No comments yet.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.