One of my worst nightmares would be for someone to hack my photos and then sell them to the highest bidder. Unfortunately for some, this nightmare may have come true. Photobucket users beware; you might want to make sure you were not affected by a recent hack.
Today the FBI arrested Brandon Bourret, 39, from Colorado Springs, and Athanasios Andrianakis, 26, from Sunnyvale, California for creating a software that gave them username and passwords of protected Photobucket accounts. Currently, we don’t know how many accounts were affected as the Department of Justice has not released the information. We do know that Photobucket accounts were sold between July 12th, 2012 to July 1st, 2014. Photobucket receives over 60 million visitors a month, so one can only image the amount of people that were affected in those two years.
Michael Clark, Chief Technology Officer, stated the following:
Unfortunately, the defendants were intent on not only victimizing Photobucket and its users, but violating federal criminal statutes between 2012 and 2013 as alleged in the indictment. We congratulate the Federal Bureau of Investigation and the United States Attorney’s Office for their vigilant investigative work in identifying and bringing these perpetrators to justice. We will continue to support the government’s work and our users through this ongoing criminal investigation.
If convicted, the suspects are looking to serve up to five years in prison and will be charged up to a $250,000 dollar fine. For those interested in knowing what Bourret and Andrianakios have been charged with, you can view the indictment.
In regards to Photobucket, we’ll have to wait to find out how many users were affected, and will hopefully be updated in the near future. Since the photos have already been released, there is not much that can be done, but we hope Photobucket’s security will be beefed up quickly.
What will this do for other photo sharing websites? Sadly, not much. I have found that most organizations are reactive rather than proactive when it comes to security. Most social media outlets and cloud storage sites have security measures in place (so they think), and feel there is no need to update, or increase their security. Heck, if I don’t see issues on my computer I don’t feel the need to find better protection. When you add the fact that it’s extremely difficult to protect yourself against something that has not yet been created, sometimes your only other option is to react as quickly as possible to those threats.
What are your thoughts? Do you think Photobucket should have been able to catch these hackers rather than the FBI? What should we expect from Photobucket going forward? Let us know what you think in the comment section below.