Nude photos of several female celebrities has apparently been leaked on 4chan, a message board that allows users to post content anonymously
Jennifer Lawrence's Nude Photos Leak Online, Other Celebs Targeted - Stephanie Marcus - Huffington Post.
A screenshot taken by New York Daily News of the forums post shows a list that includes:
Jennifer Lawrence - Hunger Games
Kate Upton - Model
Lea Michele - Glee
Lady Sybil [potentially Jessica Findlay] - Downton Abbey
Ariana Grande - actress/singer
Victoria Justice - actress/singer
Brie Larson - Don Jon
Kristen Dunst - Spiderman
Becca Tobin - Glee
Jessica Brown Findlay
Hope Solo - Soccer player
Teresa Palmer - Warm Bodies
Kristen [Krysten] Ritter - actress/model
Mary Elizabeth Winstead - actress/recording artist
McKayla Maroney - gymnast and internet meme
Yvonne Strahovksi - Chuck
Celebrity responses have ranged from acceptance, prosecution threats and outrage to straight up denials.
From what I've gathered so far, it appears as if the photos may have been uploaded to iCloud via Photo Stream and then compromised by someone. As we wait for more details, there are some warnings and lessons to be learned here.
WARNING
Searching for nude photos on the celebrities above will increase your chances of getting some sort of malware on your computer. This is exactly the kind of big news that nefarious people will take advantage of to get something installed on your computer that could compromise it. Which could lead to several awful scenarios including your own nude photos being made publicly available.
Automatic Uploads
Turn it off.
Unless you don't mind your photos being backed up on a server you have no control over, turn the automatic upload feature off. Googling 'disable Photo Stream automatic upload' should get you to some resources that will tell you how to do this.
Taking nude photos with a device that can potentially upload it to the internet is bad enough; having it upload automatically is simply not a very good idea.
Two-Factor Authentication
Turn it on.
While we don't have all the details yet on how the pictures got stolen, it's possible that the theft could have been avoided if two-factor authentication was enabled. In cases like these, most of the time it's found that had two-factor authentication been enabled the compromise would not have happened. Two-factor authentication isn't perfect nor the ultimate solution, but it does increase difficulty of a compromise significantly.
Most applications and services you use have two-factor authentication available, use it. Apple and it's iCloud server has it available and it's fairly easy to setup.
Get On Twitter
Hash tags are the best thing since sliced bread and for events like these make the world a little brighter.
Get on Twitter and join in the fun.
This post first appeared on Exploring Information Security.