Feeds

Woman charged with stealing nude pics of baseball star

...from Playboy Bunny's email account

SANS - Survey on application security programs

A Minnesota woman has been charged with stealing racy photos of Cleveland Indians centerfielder Grady Sizemore from the email account of his Playboy bunny girlfriend.

The 15-photo set, which Sizemore shot himself with his cellphone, were posted to the internet about a year ago, although most have since been removed, following take-down demands. In some, the baseball star is clothed, while others show him au naturel, mostly as he stands in front of a bathroom mirror. One of the pics shows him holding a Playboy picture of his girlfriend Brittany Binger, who was the magazine's playmate of the month in June 2007.

The Star Tribune of Minneapolis reports that 19-year-old Leah M. Ayers has been charged with two counts of unauthorized computer access in connection with the theft. The paper cited court documents that said her laptop was used to view Binger's Facebook, Twitter, and MySpace accounts and that personal information from those sites may have bee used to change Binger's password and access her account in August 2009.

Binger complained to the Los Angeles County Sheriff's Department, which served search warrants on Yahoo to trace the email hacker's IP address to Ayer's parents, who live in the Minneapolis suburb of Apple Valley.

It's the latest episode to demonstrate the insecurity of password-reset features offered by Yahoo, and so many other online services, which allow users to reset passwords based on the answers to questions such as what high school did you attend? That folly is only compounded by clueless users who make hackers' jobs easier by posting the answers to Facebook and other social networks.

The technique was used by Sarah Palin email hacker David Kernell, who on Friday was sentenced to 366 days in custody. It was also used by several accused and convicted “sextortionists” who used password-reset features to steal racy photos of girls and woman.

Yahoo's password reset feature now defaults to sending a temporary password to a user's cell phone. That may or may not be a more secure alternative, depending on how many people get hold of a user's cellphone on a regular basis.

Ayers is summoned to appear in court on November 29. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Arts and crafts store Michaels says 3 million credit cards exposed in breach
Meanwhile, Target investigators prepare for long process in nabbing hackers
Canadian taxman says hundreds pierced by Heartbleed SSL skewer
900 social insurance numbers nicked, says revenue watchman
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.