Corporate Partners

Celebrity email hacker extraordinaire 'Guccifer' gets four years behind bars

The man who made celebrities change their passwords

By day he was a small-town cab driver, by night a man who hacked celebrities out of satirical spite; celebrity hacker 'Guccifer' has been sentenced to a minimum of four years in jail by a Romanian court.

Arrested in January, Marcel Lazar Lehel, 42, acquired notoriety after a spectacular series of attacks on the websites, email and social media accounts of personalities and politicians between 2009 and 2013.

In many ways what Lehel did under his nom de web Guccifer ('goo-chee-fer') was a throwback to the early prank days of web defacement except that by the turn of the first decade of the 21st Century there were better targets that could be used to cause embarrassment, particularly poorly-secured online email accounts.

The most audacious was his targeting of email accounts used by relatives and friends of former US President George HW Bush, from which he stole and published emails, family pictures and even the self-portraits by his son, George W Bush, effectively launching his artistic career.

It didn't stop there. With a shrewd ability to pick on targets that might gain notoriety, Guccifer's other attacks included hijacking the Facebook page of former US Secretary of State Colin Powell and stealing a publishing an unpublished work by Sex and the City author, Candace Bushnell taking over her Twitter account at the same time.

If a celebrity had an Internet presence, then they were fair game as far as Guccifer was concerned. Film stars including Leonardo DiCaprio, Nicole Kidman and Steve Martin also had their email accounts hacked. He even got his hands on a script for British TV series, Downton Abbey.

Disappointingly, Romanian police have not documented Guccifer's full target list but it is clear that he systematically picked on huge numbers of prominent people across several countries including his own, every now and then finding a security or password weakness he was able to exploit.

His downfall was probably his attacks on powerful people in his home country, including Romania's secret service head, George Maior, which quickly grabbed the attention of law enforcement. One particularly embarrassing attack was his theft of apparently flirtatious emails written by Romanian European Parliament member Corina Cretu to former US Secretary of State Colin Powell, which dropped hints about an affair between the pair. This was later denied.

Little is still known about Lehel or his deeper motivations, but it is possible he simply attacked his targets because he could. Many were found to be using poor security and all it took was one man sitting in a room in a small Romanian town to realise and exploit this. His legacy is that he smartned up the online security of thousands of celebrities and polticians, or at least it is assumed so.

The US is not known to made any extradition request for Lehel, prosecutors told Reuters news agency. He is known to have a previous three-year suspended sentence on file and so could in theory spend a total of seven years in prison without parole.

Join the CSO newsletter!

Error: Please check your email address.

Tags Personal TechsecurityFacebook

More about BushEuropean ParliamentFacebookReuters Australia

Market Place