On Friday, police in California arrested and jailed a 23-year-old man accused of hacking into the e-mail accounts of more than 3,000 women and stealing sexually explicit photos of them. He allegedly sent the photos to his victims' e-mail contacts, and posted them to their Facebook profiles. The suspect, George Samuel Bronk, was arraigned Tuesday afternoon in a Sacramento County court, after a lengthy investigation involving federal authorities and the California Highway Patrol's Computer Crimes Investigation Unit.
As PC World explains, investigators first learned of Bronk's breach when a woman in Connecticut told local police that someone had posted x-rated photos of her on her Facebook page. The photo, she said, appeared to have been swiped from her e-mail account. Police then traced an IP address to Bronk's computer, where they discovered evidence that the unemployed Californian could've targeted thousands of other women. Police also said they found child pornography on his hard drive.
Police suspect that Bronk gained access to roughly 3,200 e-mail accounts, which he accessed by tricking mail services into resetting his targets' passwords. As CNET explains, many e-mail services like Gmail, Yahoo! and Hotmail require users to answer a certain amount of pre-answered personal questions before changing their passwords. Bronk decided to gather what information he could from his targets' Facebook pages, and used that to make educated guesses. He would then search their accounts for sexually explicit photos, and post them on their Facebook pages. Police have thus far identified 20 victims, but say there could be many more, as Bronk is believed to have posted embarrassing photos on 70 to 76 profiles.
We'll have to wait and see how many people were immediately affected by Bronk's scheme, but the incident should at least raise a red flag among online security experts. In the age of social networking, the password questions that many services use for ID verification are far too easy for any stranger to guess -- as David Kernell proved in 2008, when he used the same technique to hack into Sarah Palin's e-mail account. Services will hopefully soon implement tighter controls, but, in the meantime, you might want to double-check how much of your personal life you've made public on your Facebook profile -- and change your security questions accordingly.
Link: http://www.switched.com/2010/11/04/george-gamuel-bronk-facebook-x-rated-photos/
As PC World explains, investigators first learned of Bronk's breach when a woman in Connecticut told local police that someone had posted x-rated photos of her on her Facebook page. The photo, she said, appeared to have been swiped from her e-mail account. Police then traced an IP address to Bronk's computer, where they discovered evidence that the unemployed Californian could've targeted thousands of other women. Police also said they found child pornography on his hard drive.
Police suspect that Bronk gained access to roughly 3,200 e-mail accounts, which he accessed by tricking mail services into resetting his targets' passwords. As CNET explains, many e-mail services like Gmail, Yahoo! and Hotmail require users to answer a certain amount of pre-answered personal questions before changing their passwords. Bronk decided to gather what information he could from his targets' Facebook pages, and used that to make educated guesses. He would then search their accounts for sexually explicit photos, and post them on their Facebook pages. Police have thus far identified 20 victims, but say there could be many more, as Bronk is believed to have posted embarrassing photos on 70 to 76 profiles.
We'll have to wait and see how many people were immediately affected by Bronk's scheme, but the incident should at least raise a red flag among online security experts. In the age of social networking, the password questions that many services use for ID verification are far too easy for any stranger to guess -- as David Kernell proved in 2008, when he used the same technique to hack into Sarah Palin's e-mail account. Services will hopefully soon implement tighter controls, but, in the meantime, you might want to double-check how much of your personal life you've made public on your Facebook profile -- and change your security questions accordingly.
Link: http://www.switched.com/2010/11/04/george-gamuel-bronk-facebook-x-rated-photos/
