Fappening 2.0 – Will There Be a Sequel?

The public’s (sometimes unhealthy) interest in celebrities’ personal lives has inspired hackers to break into their accounts on more than one occasion. In 2014, intimate photos of a number of actresses were leaked online; among them were Kim Kardashian, Kate Upton, and Rihanna. This scandal has since become known as The Fappening. The legal proceedings that followed ended exactly a year ago, in March 2016. According to an official statement, a 36-year-old resident of Pennsylvania was found guilty by the United States Department of Justice.

Lo and behold, on the anniversary of that court’s decision, 15 March 2017, another collection of stars’ private photos appeared online. So far, the victims this time around are Emma Watson and Amanda Seyfried. The names of the affected actresses were previously made known in a post on Reddit, where it had been reported that their names would soon be in the headlines. The attackers plan to publicly distribute photos of other public figures in the future. If the list of names in the “forecast” is to be relied upon, then Jennifer Lawrence, who was also named as a future victim, will suffer such an attack for the second time. Lawrence’s name was also to be found in the cast of characters of the first “fappening”.

Emma Watson, whose photos appeared in the first set of leaks from the latest iCloud Fappening, kept her cool with a tough response to the incident, drawing up a lawsuit against those distributing her private photos. The famous Hermione was angered by the manner in which her photos were distributed freely, without her consent. Her calm determination is understandable: none of the stolen pictures were erotic and they’re unlikely to damage her reputation. Most of the pictures were taken while trying on clothing and swimsuits two years ago. Even so, besides the “fitting room” photos, there are also images which allegedly depict a nude Emma Watson that were taken in a bathroom. However, it’s impossible to know for sure whether these photos really are of a nude Emma Watson, as the face of the woman in the images isn’t visible. For this reason, the actress’s representatives have no comments regarding these pictures.

Another actress, Amanda Seyfried, was hit harder: the stolen files include both nude images of the actress as well as intimate scenes with her fiancé. So far, no legal action has been taken to protect Seyfried’s privacy.

How the 2017 Fappening was carried out is still unclear. Last time, the attacker sent phishing messages purporting to be from Google or Apple to potential victims and their acquaintances, requesting their logins and passwords. The hacker’s “harvest”, so to speak, amounted to some fifty iCloud accounts and seventy-two Google accounts, all of the famous public figures. The latest attack was very likely made possible thanks to social engineering.

The best safeguard against seeing your intimate photos all over the web, of course, is not putting them there in the first place; store them locally instead. Cloud data protection cannot be 100% reliable – cloud services have been hacked into repeatedly. However, if you do store data there, you ought to at least follow a few simple safety rules – they’ve been well-known for quite some time, though there are few who follow them in practice. Don’t think that this is only a problem for celebrities, either. It can affect anybody who stores data on the internet.

Safety measures against account hacking

  1. Don’t click on links in emails from recipients whose identity you can’t confirm. The same goes for attachments in that kind of correspondence. Sometimes, strange-looking emails can even come from friends. In those cases, it’s a good idea to contact the sender directly and ask for confirmation that it was in fact sent by them.
  2. Never provide your personal and financial information (account passwords, phone numbers, PIN codes, credit card or billing information) to anybody by email. Legitimate organizations like Google, Microsoft, and banks will never ask for confidential information via email. Protecting their customers’ data is of the utmost importance to them.
  3. Use different passwords, at least for your most important accounts: email, social networks, online banking.
  4. Your personal data protection system should include regularly changing passwords and the security questions used to reset or restore access to your accounts.

And of course, where possible, you should use two-factor authentication. While this does require some extra time, it can help to keep your accounts safe even if the previous steps weren’t enough to stop hackers from discovering your passwords and logins.

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!

Author: Anna

If you have any questions about two-factor authentication and Protectimus products, ask Anna, and you will get an expert answer. She knows everything about one-time passwords, OTP tokens, 2FA applications, OATH algorithms, how two-factor authentication works, and what it protects against. Anna will explain the difference between TOTP, HOTP, and OCRA, help you choose a token for Azure MFA, and tell you how to set up two-factor authentication for Windows or Active Directory. Over the years with Protectimus, Anna has become an expert in cybersecurity and knows all about the Protectimus 2FA solution, so she will advise on any issue. Please, ask your questions in the comments.

Share This Post On


  1. Remarkable! Its genuinely amazing paragraph, I have got much clear idea regarding from this post.

    Post a Reply
  2. I like this site very much so much wonderful information.

    Post a Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from Protectimus blog.

You have successfully subscribed!

Share This