‘Celebgate’ iCloud hacker jailed for leaking private images of Jennifer Lawrence

31 Aug 2018

Jennifer Lawrence. Image: Andrea Raffin/Shutterstock

George Garofano, one of the four people charged in the notorious ‘Celebgate’ photo scandal, has been sentenced.

This week, a zero-day vulnerability leaked by a Twitter user has caused concern among the infosec community.

Meanwhile, yet another data breach has exposed the personal data of thousands, with Air Canada the latest victim. Bad actors hacked the airline’s mobile app earlier in August.

Moving on to GDPR, many security experts worried that the regulation would cause a spike in spam emails. According to new research, though, that doesn’t appear to be the case at all.

Read on for a selection of this week’s most notable enterprise stories.

Final ‘Celebgate’ hacker sentenced

The ‘Celebgate’ iCloud hack dominated the news in 2014 and now, four years later, the final culprit has been handed a jail sentence. George Garofano admitted to accessing usernames and passwords of celebrity iCloud accounts, including those of Jennifer Lawrence and Kirsten Dunst.

Garofano nabbed the credentials by sending out phishing emails pretending to be an Apple security team member. He now faces an eight-month prison sentence.

The prosecution wrote: “Mr Garofano’s offence was a serious one. He illegally hacked into his victims’ online accounts, invaded their privacy and stole their personal information, including private and intimate photos.”

Facebook in watchdog’s crosshairs over data gathering

Germany’s antitrust watchdog is set to begin probing Facebook over alleged abuse of market dominance to gather data from users without their knowledge or consent.

The country’s Federal Cartel Office is particularly concerned about the company obtaining data about people from third-party apps. Another area of investigation is the tracking of people who are not even members of Facebook.

According to Reuters, while the probe may not end in a fine, the investigation may force Facebook’s hand to address these issues.

Natural Cycles in trouble over misleading ad claims

Swedish app Natural Cycles felt the wrath of the UK Advertising Standards Authority (ASA) this week for a claim about its product. An ad that appeared on Facebook said: “Natural Cycles is a highly accurate, certified contraceptive app that adapts to every woman’s unique menstrual cycle.”

The “highly accurate” claim within the ad copy would be understood by customers to mean the app was highly reliable in being able to prevent unwanted pregnancies, the ASA said.

The app works by using algorithms that indicate risk of pregnancy by dubbing days as ‘red’ or ‘green’. Users need to take their temperature at the same time every morning to track cycles.

The ad was removed as soon as Natural Cycles was notified last year and the ASA warned the company not to exaggerate the app’s benefits as a contraception method.

Google takes a step back from Kubernetes

Google Cloud has announced that it is handing over operational control of the Kubernetes container orchestrator to the Cloud Native Computing Foundation (CNCF).

It is providing the CNCF with $9m in Google Cloud credits to help further its work on the project. The credits are rolling out over three years and will cover the costs of building and testing the software.

The Kubernetes project regularly runs more than 150,000 containers on 5,000 virtual machines. Google Cloud said it is opening the project up as Kubernetes has reached maturity.

Jennifer Lawrence. Image: Andrea Raffin/Shutterstock

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects

editorial@siliconrepublic.com