In 2014, there was a big leak involving celebrity pictures that had been garnered from the victims’ hacked iCloud accounts. This spurred an investigation, which has been ongoing despite news of the incident quieting down. Now details on what the investigation turned up have been revealed via a federal search warrant that has been unsealed, as well as an affidavit. According to the documents, FBI agents identified a home in southern Chicago as being one of the locations where hacking attempts (which may have been successful) took place, as well as an apartment also in Chicago.
The home belonged to Emilio Herrera, and the IP address coming from it was used by someone to “attempt to reset 1,987 unique iCloud account passwords, approximately 4,980 times.” In addition, an apartment in another part of Chicago was the source of another IP used to access iCloud accounts related to the pics leak.
The passage above details one victim’s statement on the leak.
That latter IP was reportedly used to access “330 unique iCloud accounts between May and August 2014”, with 291 of the accounts having been accessed “more than 600 times”. The documents indicate phishing methods were used in at least some cases to acquire the log in details.
In the case of Herrara’s home in particular, agents seized several devices, including an older Motorola Electrify 2, a SanDisk Sansa, a couple of floppy disks, a Kindle Fire, Compaq laptop, HP desktop, and HP Pavilion, among other things. It doesn’t appear any arrests have been made at this point.