According to the U.S. Attorney's Office for the Northern District of Virginia (via The Verge), Ford targeted high-profile athletes and musicians and tricked the victims into providing their Apple account passwords.
"The high profile victims in this case are an example that no matter who you are, hackers like Ford are trying to get your personal information," said Chris Hacker Special Agent in Charge of FBI Atlanta. "This case demonstrates the need to be careful in protecting personal information and passwords, especially in response to suspicious e-mails. Hopefully this is a lesson for everyone, not just the victims in this case."Starting in March 2015, Ford used a phishing scheme to get the login credentials for the Apple accounts. He targeted NBA players, NFL players, and rappers, sending thousands of phishing emails spoofing legitimate customer service accounts.
Posing as an Apple support representative, Ford asked victims to send their usernames, passwords, and answers to security questions.
After getting this information, Ford would log into the Apple accounts and attempt to take them over. According to Apple, there were hundreds of unauthorized logins to victims' Apple accounts.
Stolen credit card details were then used to pay for things like air travel, hotels, furniture, money transfers, and more. He has been charged with six counts each of wire fraud, computer fraud, access device fraud, and aggravated identity theft. He pled guilty to one count of computer fraud and one count of aggravated identity theft.
For Apple users concerned with hacking attempts, it's always best to be wary. Apple does not email or cold call users asking for account information, so calls and emails requesting data are fake.
Apple has a dedicated support page with information on how to avoid phishing emails and other scam techniques that malicious individuals employ to extract information from Apple users.