‘Addiction’ drove Scarlett Johansson’s nude photo hacker

Graham Cluley
Graham Cluley
@

 @grahamcluley.com
 @[email protected]

Scarlett Johansson passwordChristopher Chaney, the man accused of hacking into the email accounts of female celebrities, and scooping up their private messages and nude photos, has described how his curiousity became an addiction.

35-year-old Chaney, from Jacksonville, Florida, was arrested by the FBI earlier this week in connection with “Operation Hackerazzi”, an investigation into a series of high profile hacking incidents involving the likes of Scarlett Johansson, Mila Kunis and others.

In an exclusive interview with CNN affiliate WAWS/WTEV, Chaney claimed he does not remember who was the first celebrity he targeted.

Victims identified identified in the FBI’s indictment include Scarlett Johansson, Mila Kunis, Christina Aguilera, Renee Olstead, and celebrity handbag designer Simone Harouche. Other victims are identified purely by initials: B.P., J.A., L.B., L.S., D.F., and B.G.

Celebrity hacking victims

However, FBI agents are said to have identified more than 50 victims whose accounts were illegally accessed by Chaney.

Chaney’s hacking escapades lasted from November 2010 until February this year, using publicly available information to reset passwords and gain access to accounts.

It’s alleged that once he had access to victims’ Gmail, Apple and Yahoo accounts, that Chaney could make contact with others via his victims’ online address book, and search the account for compromising information.

Sign up to our free newsletter.
Security news, advice, and tips.

The FBI claims that Chaney would also auto-forward any messages received by his victims to third party accounts under his own control. This meant he could read every email they received, even if passwords were reset.

Chaney told the TV station that he was full of remorse for his actions:

“I deeply apologize. I know what I did was probably one of the worst invasions of privacy someone could experience, and these people don’t have privacy to begin with. I was in that slither of privacy that they do have. And I have had six months to think about it and it eats at me.”

“When you are doing it you’re not thinking about what’s going on with who you are doing it to. Pure curiosity is how it started, and I wish it hadn’t.”

Christopher ChaneyChaney says that he was “pretty stupid” and plans to plead guilty. He says that he knows what he did was wrong.

However, he denies that he had any finanical motive, and claims that he did not sell or release any of the images.

Which begs the question – how did nude photos of the likes of Scarlett Johansson end up freely available on the internet?

Chaney says that others must have passed the images onto gossip websites, and that he was contacted by somebody who wanted to see the celebrities’ emails. However, he claims he did not share the information.

It’s unclear how this unnamed individual knew that Chaney had access to the personal communications.

Another question occurs to me – didn’t the celeb gossip websites which published the photographs do something wrong too? They surely knew that photos of Scarlett Johansson topless and the like were likely to be stolen property, and yet they went ahead and published them regardless.

One wonders if they will suffer any punishment for their part in this sordid story.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky and Mastodon, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.