A Chicago man charged with illegally accessing the computers of celebrities to steal intimate photos and videos of them is facing a prison term of just nine months, according to new reports.
Edward Majerczyk, 28, who is the son of a retired police officer, pleaded guilty in a Los Angeles federal court in July to one count of “unauthorized access to a protected computer to obtain information” under the Computer Fraud and Abuse Act.
However, he’s signed a plea agreement in return for a lenient sentence, and will be transferred to Chicago where prosecutors will seek a term of just nine months, according to court records seen by the Chicago Times.
Majerczyk will formally enter his plea in the Windy City on 27 September.
He apparently sent phishing emails to hundreds of victims between November 2013 and August 2014 purporting to come from their online service providers.
With the log-ins obtained from these he’s said to have accessed 300 accounts during the period, including those of around 30 celebrities.
Although those pics made their way onto the internet as part of the now famous “Celebgate” leaks, Majerczyk is not accused of disseminating them online.
However, if true, nine months would seem a lenient sentence, especially given that 36-year-old Pennsylvania man, Ryan Collins, was handed down 18 months after pleading guilty to a similar scheme which involved just 50 iCloud and 72 Gmail accounts.
One thing in Majerczyk's favor is that he apparently has no criminal history and has accepted full responsibility for his alleged crime, which prosecutors take into account before deciding on the sentence they will seek.
“If anything, with every legal case, we see the disparity between the law and its application to technology,” AlienVault security advocate Javvad Malik told Infosecurity. “The rate at which technology is evolving, and the criminal uses it can be put to, continually outpace lawmakers.”
However, Imperva CTO, Amichai Shulman, praised the authorities’ handling of the case.
“In this case we have a person indicted and sentenced in a relatively short period in time,” he told Infosecurity.
“This shows that when authorities decide to get involved they are capable of taking real actions and getting to perpetrators. The more we see such success stories the less cybercrime we will see to begin with.”