Man stole nude photos from women’s e-mail accounts

A California man has pleaded guilty to charges that he broke into the e-mail accounts of thousands of women, scouring them for nude photos that he then posted to the Internet.

George Bronk, 23, was arrested in late October after police found evidence that he’d hacked into more than 3,200 e-mail accounts. He used the same technique that Sarah Palin hacker David Kernell used to break into the former U.S. vice presidential candidate’s Yahoo account: He scoured his victims’ Facebook accounts for answers to the security questions used by Web-based e-mail services such as Gmail and Yahoo Mail.

Stay on top of security news with CSO’s Daily Dashboard and our Salted Hash newsletter

Then, posing as his victim, he would claim to have forgotten the account’s password and try to answer the security questions that would let him back in. Often, the security questions are easy to guess. The questions Bronk faced asked him things like, “What is your high school mascot?” and “What is your father’s middle name?”

Once in, he would change the account password — locking out his victim — and search for any racy photographs. If he found any, he posted them to the victim’s Facebook profile.

Of the 3,200 accounts he broke into, Bronk found nude or semi-nude photos in 172 of them, prosecutors said.

In one case he persuaded a victim to send him even more explicit photographs by threatening to post the ones he’d stolen if she didn’t.

Bronk faces six years in prison on felony hacking, child pornography and identity theft charges. He entered his plea Thursday in Sacramento Superior Court.

“This case highlights the fact that anyone with an email account is vulnerable to identity theft,”California Attorney General Kamala Harris said in a statement.

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert’s e-mail address is robert_mcmillan@idg.com