Nude photos purportedly showing many top stars, including Oscar-winner Jennifer Lawrence and pop star Rihanna were circulated on social media on Sunday, in an apparent massive hacking leak.
Lawrence's agent called the leak "a flagrant violation of privacy" and said the authorities had been contacted, with a view to prosecuting "anyone who posts the stolen photos".
Cyber expert Edd Hardy, Head of Security Assessment at CNS Hut 3, told The Telegraph that whoever hacked the photos probably did so by accessing the cloud server on which they were stored.
"Anything you do on your phone, if you've got it set up that way, is uploaded to the cloud and then your other devices pull the data down, which is great," he said.
"But it means your stuff is effectively sitting on a server in the cloud, so your data is on somebody else's computer.
"The way they are often hacked is through the user interface, so everyone forgets their passwords for things and there is normally a password recovery function, which asks for things like your email address or your mother's maiden name, or things like that which are generally fairly easy to look up or get, and then you get the password."
Mr Hardy added that there are ways of encrypting data or stopping data from being uploaded to the cloud in the first place but, he said, the most effective way of ensuring that sensitive information does not get into the wrong hands is not to record it on a cloud-based device in the first place.
"If you're a celebrity and you're taking photographs of yourself, they probably shouldn't be on your phone, they probably shouldn't be sitting on the cloud - it's that simple really.
"It's generally about - don't take it with your phone," he said.
No comments:
Post a Comment