Feeds

Woman charged with stealing nude pics of baseball star

...from Playboy Bunny's email account

Choosing a cloud hosting partner with confidence

A Minnesota woman has been charged with stealing racy photos of Cleveland Indians centerfielder Grady Sizemore from the email account of his Playboy bunny girlfriend.

The 15-photo set, which Sizemore shot himself with his cellphone, were posted to the internet about a year ago, although most have since been removed, following take-down demands. In some, the baseball star is clothed, while others show him au naturel, mostly as he stands in front of a bathroom mirror. One of the pics shows him holding a Playboy picture of his girlfriend Brittany Binger, who was the magazine's playmate of the month in June 2007.

The Star Tribune of Minneapolis reports that 19-year-old Leah M. Ayers has been charged with two counts of unauthorized computer access in connection with the theft. The paper cited court documents that said her laptop was used to view Binger's Facebook, Twitter, and MySpace accounts and that personal information from those sites may have bee used to change Binger's password and access her account in August 2009.

Binger complained to the Los Angeles County Sheriff's Department, which served search warrants on Yahoo to trace the email hacker's IP address to Ayer's parents, who live in the Minneapolis suburb of Apple Valley.

It's the latest episode to demonstrate the insecurity of password-reset features offered by Yahoo, and so many other online services, which allow users to reset passwords based on the answers to questions such as what high school did you attend? That folly is only compounded by clueless users who make hackers' jobs easier by posting the answers to Facebook and other social networks.

The technique was used by Sarah Palin email hacker David Kernell, who on Friday was sentenced to 366 days in custody. It was also used by several accused and convicted “sextortionists” who used password-reset features to steal racy photos of girls and woman.

Yahoo's password reset feature now defaults to sending a temporary password to a user's cell phone. That may or may not be a more secure alternative, depending on how many people get hold of a user's cellphone on a regular basis.

Ayers is summoned to appear in court on November 29. ®

Internet Security Threat Report 2014

More from The Register

next story
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Edward who? GCHQ boss dodges Snowden topic during last speech
UK spies would rather 'walk' than do 'mass surveillance'
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
NOT OK GOOGLE: Android images can conceal code
It's been fixed, but hordes won't have applied the upgrade
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
China is ALREADY spying on Apple iCloud users, claims watchdog
Attack harvests users' info at iPhone 6 launch
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.