AP reports:
An Oregon man who accessed hundreds of email accounts and stole explicit photos of celebrities pleaded guilty Thursday to a felony hacking charge in Los Angeles.
Andrew Helton of Astoria, Oregon, faces up to five years in prison after pleading guilty to stealing nude or explicit photos from 13 people, including some unidentified celebrities.
Read more on CBS. None of the images were reportedly leaked online.
Update: The press release from the U.S. Attorney’s Office includes these details:
According to his plea agreement, from March 2011 to May 2013, Helton engaged in a phishing scheme to obtain usernames and passwords for his victims. He sent e-mails to victims that appeared to be from Apple or Google and asked victims to “verify” their accounts by clicking on a link. Once the victims clicked on the link, they were taken to a malicious website that looked like an Apple or Google login page. When the victims entered usernames and passwords on the malicious website, Helton then had access to the victims’ e-mail accounts.
As a result of his scheme, Helton obtained approximately 448 usernames and passwords for approximately 363 e-mail accounts. Helton used this information to access and view the contents of the e-mail accounts.
Many of Helton’s victims were members of the entertainment industry in Los Angeles. By illegally accessing the e-mail accounts, Helton obtained 161 sexually explicit, nude and/or partially nude images of approximately 13 victims, some of whom were celebrities.