In the summer of 2014, anonymous hackers flooded the internet with private nude photos of major (and minor) celebrities. Two years later, new details show the FBI thinks they identified Jennifer Lawrence’s hacker. But no one’s facing charges.

Last year, Gawker reported that the FBI had raided the Chicago home of Emilio Herrera, alleging that he had breached thousands of private iCloud accounts including those that came to be known (painfully) as “The Fappening” or “Celebgate”:

Herrera’s alleged iCloud cracking went way beyond that narrow list of celebs: between May 31, 2013, and August 31, 2014, his IP address “was used to access approximately 572 unique iCloud accounts,” and “in total, the unique iCloud accounts were accessed 3,263 times.”

But court documents obtained by Gawker, including a search warrant and sworn affidavit, show that the FBI had another suspect in the breaches. In October of 2014, the FBI fingered Ed Majerczyk, another Chicago man with a similar laundry list of cloud-based invasions. Among his alleged social engineering exploits were sexual photos lifted from Jennifer Lawrence, who quickly became the face of The Fappening:

(Although the celebrity victims are only identified by initials, J.L. appears to refer to Jennifer Lawrence, K.U. appears to refer to Kate Upton, and J.V. is almost certainly Upton’s boyfriend and Detroit Tigers pitcher Justin Verlander—celebrity boyfriends seem to have been just another ripe point of failure for personal digital security)

The FBI says Majerczyk, through a series of bogus email accounts like “appleprivacysecurity@gmail.com,” created a phishing dragnet that duped very famous victims into providing him with their passwords through some pretty elementary tricks:

The attacks appear to have used a combination of deceptive web domains and fake security warnings that were meant to appear as if they originated from Apple:

In total, the FBI says Majerczyk accessed 330 unique iCloud accounts from his home a total of over 600 times. Once breached, it would’ve been simple for Majerczyk to download the entirety of a victim’s iPhone camera roll and share it on, say, 4chan. The leaks were stunning and titillating to onlookers, but took a particular toll on those whose naked pictures were actually being traded like baseball cards. The special agent’s report notes that Jennifer Lawrence was particularly anguished by the attacks:

As in the case of the other guy accused of pilfering celebrity nudes via iCloud, large questions remain unanswered. Why would a prolific nude robber savvy enough to hijack celebrity accounts en masse not take simple precautions to protect his IP address? Even more puzzling: Why has this investigation gone completely quiet? An FBI spokesperson would not comment on whether either man is a suspect or person of interest, replying only that “it’s a pending investigation” and that they have “not been made aware of any public developments.” This is the same line I was read nearly a year ago—there have been no arrests associated with this case.

Even acquiring these court documents was more difficult than usual. The entire docket had at first been placed under seal indefinitely to give the FBI time to comb over seized computers and hard drives, which is routine. But they remained under seal, without explanation, only to be placed under “restricted access” and unavailable to anyone not inside the Northern District of Illinois courthouse. Only after a long exchange with the courthouse was I able to procure the court docket—and the investigation remains nearly as opaque as it was in 2014.

Ed Majerczyk could not be reached for comment, and an email sent to an address associated with his mother, with whom he resided at the time of the FBI search and who is also named in the affidavit, was not immediately returned.


Contact the author at biddle@gawker.com.
Public PGP key
PGP fingerprint: E93A 40D1 FA38 4B2B 1477 C855 3DEA F030 F340 E2C7