Unless you were asleep under a rock yesterday, you probably heard about a 4chan hacker leaking nude photographs and videos of Jennifer Lawrence, Kim Kardashian, Rihanna, Kate Upton and over a hundred other celebrities. (And if you need a good argument as to why you shouldn't actively go looking for them, Lena Dunham has you covered here.)
Apparently, the hacker was able to obtain access to the personal data via a security flaw in iCloud, Apple's online back-up service. The company says that it is currently investigating the hack, although that probably comes as cold comfort to actresses like Kirsten Dunst:
Thank you iCloud🍕💩— Kirsten Dunst (@kirstendunst) September 1, 2014
(That's "Thank you iCloud, you piece of shit" in emoji-speak, BTW.)
According to TheNextWeb, it's believed that the hackers may taken advantage of an glitch in the Find My iPhone app, which allowed users to repeatedly guess a target's iCloud password without being locked out. Combine this with a malicious script that you can leave running for hours ad infinitum until it hits on the right combination of letters and numbers – and boom! You're in.
The Apple breach hasn't been confirmed yet, but there's good reason for nude selfie-taking iPhone users (I know you're out there) to check up on their iCloud security. Ordinary, non-famous people get hacked too.
Christopher Chaney, who was sentenced to ten years for hacking the personal online accounts of Scarlett Johansson, Mila Kunis and other actresses, also targeted two women he knew personally; he even sent nude images of one former co-worker to her own father. When the notorious revenge porn site Is Anyone Up? was still operating, it would regularly post images that had been hacked from the personal accounts of regular women.
With that in mind, here are some pointers to protect yourself from any nefarious nude selfie-seeking hackers:
SWITCH UP YOUR PASSWORDS
The standard advice for creating a secure password to make it long, along with using a mix of uppercase and lowercase numbers, numbers and symbols (if you want to get crazy about it). Don't use personal information like pet names, birthdays, postcodes or addresses, all of which can be easily found on the internet. And most importantly, don't use the same password for multiple accounts. If your Gmail account is compromised, you don't want some random dude getting access to your iTunes, Spotify and PayPal accounts.
USE TWO-STEP VERIFICATION
This flags up whenever somebody attempts to log into your personal account from a new computer, and requires the user to key in an additional code. Google, Gmail, Apple, iCloud, Faceobok, Dropbox, Twitter, PayPal and Microsoft all provide this option.
TURN OFF PHOTO STREAM
If you use iCloud, chances are you've automatically enabled the Photo Stream option without even knowing (go to Settings > iCloud > Photos to check). This is the function that allows Apple to automatically upload new photos to the cloud. You can choose to disable Photo Stream, or go to iCloud > Storage & Backup to disable the iCloud Backup option altogether. BTW, even if you delete an image off your device, it'll still be floating around in the virtual ether – head here to find out how to get rid of them permanently.
DON'T TAKE NUDE SELFIES
Just kidding! Everybody has a right to a private sexual life, which includes taking as many filthy pictures of yourself as you want. You don't forfeit that right if you appear in a movie franchise, release a hit album, or work as a model – and you definitely shouldn't be blamed if some asshole decides to illegally obtain those pictures and publish them online. Dazed writer Reni Eddo-Lodge puts it best:
If you kept a diary & someone found it, photocopied it & plastered pages everywhere, it wld be nonsenical to blame you for keeping the diary— Reni Eddo-Lodge (@renireni) September 1, 2014
You just keep doing you. But just in case: remember to beef up those passwords, OK?
Have some news? Let us know on firstname.lastname@example.org