Two years ago, 29-year-old Paytsar Bkhchadzhyan was a central figure in an intriguing case that was making headlines in Los Angeles and around the world.
Bkhchadzhyan (no, I have no idea how to say that either) was an identity thief and suspected of being the girlfriend of an Armenian criminal gang member. The authorities had an iPhone, which they believed Bkhchadzhyan could unlock. But the police couldn’t force her to hand over her PIN or passcode.
So, instead, a court controversially ordered Bkhchadzhyan (I just like saying it…) to press her finger against the iPhone’s Touch ID biometric reader in an attempt to unlock it.
As it happens, Bkhchadzhyan’s fingerprints didn’t cut the mustard and the phone remained locked.
But Paytsar Bkhchadzhyan isn’t the kind of name you easily forget.
And so my eyebrows raised this week when I heard that Paris Hilton had been in court to witness the sentencing of Paytsar Bkhchadzhyan, who had been found guilty of hacking the celebrity heiress and reluctant party-goer.
As the media reported, and as we discuss in the latest episode of the “Smashing Security” podcast, Paris Hilton no longer trusts iCloud.
Paris turned up to the sentencing looking suitably glamorous, dressed up to the nines in expensive clothes. And although some of the media focused their attention on her appearance, her statement to the court is much more worthy of focusing on.
Here is just a small part of what Paris Hilton had to say about Paytsar Bkhchadzhyan:
“This woman targeted me in such a way that I will never forget or get over it. I feel so incredibly violated. She was trying to get all my user names and passwords for every single one of my email and bank accounts. She took over my life and identity. She tried to shake me up for money. It was all so unbelievable and crazy that it truly seemed like something out of a movie. I have a very busy schedule and was supposed to be out of town today but I rescheduled my trip just to be here because I wanted you, your honor, to know and understand just how much this truly affected me and what a serious crime this is.”
“I have been violated so many times in my life and I am sick and tired of just brushing it under the rug and not standing up for myself. I want the defendant and any other hackers out their who are planning to target me or anyone else that this is wrong, highly illegal and a serious crime and it will not be tolerated and if they attempt again then they will be punished for their despicable actions. No one should ever have to go through this or made to feel this way and I hope by being here today it will help make a difference and make people think twice before they attempt or try to do such deplorable things to another person and hopefully put a stop to this. Thank you, your honor.”
And here’s a brief run-down of what the hacker did to Paris Hilton:
- Stole Paris Hilton’s emails, nude photos, credit card details
- Caused approximately $130,000 worth of damages in actual and attempted loss
- Impersonated Paris Hilton, duping her phone company in order to hijack her mobile devices (giving the hacker access to personal texts, WhatsApp conversations, photos, and videos)
- Contacted Paris Hilton to warn her that another women had hacked into Paris’s accounts and was negotiating to sell the photos and messages to media companies
- Wrote “extremely rude messages” to PH’s personal assistant, claiming to be Paris Hilton, and demanded $50,000 be wired into a bank account
- Targeted Paris Hilton’s parents, Rick and Kathy Hilton, to try to get them to wire the money
- Tried to gain physical access to Paris Hilton’s home in a gated community
- Booked a penthouse suite at the Roosevelt Hotel in Los Angeles, and attempted to throw a New Year’s party with tens of thousands of dollars worth of champagne on Paris Hilton’s credit card
I think Paris Hilton has every right to be upset.
“When I first found out that my personal emails, iCloud, credit cards and identity had been stolen and taken over by some stranger I felt so upset, hurt and violated. The defendant not only hacked into my accounts and made credit cards with my name on them but somehow found a way to hack into the email accounts of my employees, my friends and my family members such as my father and sister.”
Paytsar Bkhchadzhyan has now been sentenced to 57 months in prison
Personally, I would be surprised if Paris Hilton isn’t quite a sharp cookie.
Just consider how she and her team have managed to keep her in the spotlight over the years, and how she’s augmented her inherited wealth with a huge personal fortune through product endorsements and simply showing up at other people’s parties and premieres.
But that doesn’t necessarily mean you don’t have to learn the hard way about becoming savvy with your computer security and privacy.
13 years ago, way back in 2005 long before Apple iPhones existed, Paris Hilton had her T-Mobile Sidekick hacked after she made the mistake of choosing the name of her pet chihuahua (“Tinkerbell”) the answer to one of her account’s password reset questions.
And two years ago, my guess is that Paris Hilton was either sharing her password with her staff and/or had not enabled two-factor authentication on her Apple iCloud account.
We all learn from experience. But when bad things happen to people in the public eye like Paris Hilton, maybe it helps many more people learn an important lesson or two.
For more discussion on the issues surrounding this case, be sure to listen to the latest “Smashing Security” podcast:
Smashing Security #77: 'Why Paris Hilton doesn’t use iCloud, lottery hacking, and Facebook dating'
Listen on Apple Podcasts | Google Podcasts | Pocket Casts | Spotify | Other... | RSS
I’ll leave the last word to Paris herself, who appeared to post a message on Twitter specifically directed at her hacker:
Karma has no menu. You get served what you deserve… pic.twitter.com/M9QnTDMvwN
— ParisHilton (@ParisHilton) May 7, 2018
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.