Connecticut Man Sent to Prison for 2014 Celebrity iCloud Hack - MacRumors
Skip to Content

Connecticut Man Sent to Prison for 2014 Celebrity iCloud Hack

by

iCloud AltConnecticut man George Garafano has been sentenced to eight months in prison for his role in the 2014 iCloud hacks that saw many celebrity photos illicitly shared on the internet.

Garafano was accused of hacking the iCloud accounts of more than 200 people over the course of 18 months, including multiple celebrities.

According to the Hartford Courant, a federal judge in Connecticut ordered the eight month prison term, which will be followed by three years of supervision after release.

Garafano in April pleaded guilty to sending phishing emails to his victims posing as a member of Apple's online security team to obtain usernames and passwords. During the case, prosecutors said he traded the photos that he stole with other hackers and may have sold some of them to earn extra income.

Prosecutors had argued that Garafano should serve 10 to 16 months in prison, while Garafano asked for a more lenient sentence of five months in prison followed by five months in home confinement.

Garafano, who was in college at the time, says he has already suffered for his role in the 2014 hacking event and has "cleaned up his act" since the hacking occurred.

There were a total of four people charged with breaking into the iCloud accounts of celebrities, including Ryan Collins, Edward Majerczyk, and Emilio Herrera, along with Garafano. The other hackers have already been sentenced to prison terms ranging from nine months to 18 months.

When hundreds of nude celebrity photos began leaking online in 2014, there was initial speculation that iCloud had been hacked, but following an investigation, Apple determined that the accounts had been compromised by weak passwords.

Apple has since made improvements to its iCloud security by adding two-factor authentication to iCloud.com, introducing email alerts when an iCloud account is accessed on the web, and requiring app-specific passwords for third-party apps that access iCloud.

Popular Stories

Apple Watch Ultra 2 Black Titanium

watchOS 27 Will Add These New Features to Your Apple Watch

Sunday May 24, 2026 11:53 am PDT by
Apple will unveil watchOS 27 during its WWDC 2026 keynote on Monday, June 8, and a handful of new features have been rumored already. The first developer beta of watchOS 27 should be available immediately following the keynote, and a public beta typically follows in July. The update should be released to all users with a compatible Apple Watch model in September. Below, we recap watchOS...
Read Full Article59 comments
Four iPhone 18 Pro Colors Mock Feature

iPhone 18 Pro Launching Later This Year With These 10 New Features

Tuesday May 26, 2026 6:32 am PDT by
While the iPhone 18 Pro and iPhone 18 Pro Max are not launching until September, there are already plenty of rumors about the devices. It was initially reported that the iPhone 18 Pro models would have fully under-screen Face ID, with only a front camera visible in the top-left corner of the screen. However, the latest rumors indicate that only one Face ID component will be moved under the...
Read Full Article48 comments
iPhone 15 General Feature Green

Apple Preparing 'Most Significant Overhaul in the iPhone's History'

Friday May 22, 2026 1:36 pm PDT by
Apple reportedly plans to unveil its first foldable iPhone in September this year — it may be named "iPhone Ultra" — and expectations are high. In his Power On newsletter, Bloomberg's Mark Gurman said the foldable iPhone will be "the most significant overhaul in the iPhone's history." "iPhone 4, iPhone 6 and iPhone X were clearly a big deal, but this is a whole new design," he said....
Read Full Article

Top Rated Comments

G
genovelle
101 months ago
Why is this called a hack when these people gave them their password. This is why anti-Apple people still try to blame Apple saying they were hacked and leaked the pictures.
Score: 40 Votes (Like | Disagree)
ikir Avatar
ikir
101 months ago
anyway the title says “hack” but it was phishing

When hundreds of nude celebrity photos began leaking online in 2014, there was initial speculation that iCloud had been hacked, but following an investigation, Apple determined that the accounts had been compromised by weak passwords ('https://www.macrumors.com/2014/09/02/apple-no-celebrity-icloud-breach/').
Score: 22 Votes (Like | Disagree)
keysofanxiety Avatar
keysofanxiety
101 months ago
MR, please, this isn’t a hack. I know the title will get more visits, but if you use the same password for every account and answer every applelegit@maybenot.com email with your personal details, that’s phishing.

Hack implies Apple’s servers were compromised. There’s a big difference between that and people getting scammed.
Score: 14 Votes (Like | Disagree)
nwcs Avatar
nwcs
101 months ago
Phishing and social engineering attacks will always succeed in some measure because people are always the weakest links in security.
Score: 14 Votes (Like | Disagree)
Scottsoapbox Avatar
Scottsoapbox
101 months ago
I feel like 8 months in prison is kind of harsh for getting dumb people to hand over a password.

And PSA for celebrities: don't store your naked pictures in the cloud.
Score: 11 Votes (Like | Disagree)
CarlJ Avatar
CarlJ
101 months ago
I feel like 8 months in prison is kind of harsh for getting dumb people to hand over a password.
It wasn't so much for tricking someone into giving them their password, it was for what they then did with those passwords - accessing an account that didn't belong to them, downloading someone else's clearly very private files, then widely distributing those files on the internet, and screwing over a bunch of people's lives (at least for a while). I don't see some prison time as being especially harsh.
Score: 10 Votes (Like | Disagree)
Read All Comments