iCloud hacker perv cops nearly 3 years in jail for stealing and sharing people's private, intimate pics

A perv who reportedly hacked people's iCloud accounts to obtain sexual images before sharing them online has been sent to prison for nearly three years.

Tony Spencer of Victoria Hill, Eye, Suffolk, was found by Basildon Crown Court to have "accessed iCloud accounts without the owners' consent" by using "software", according to a police statement.

One of Spencer's victims had told Essex Police in 2017 that her iCloud account had been breached and her "personal intimate pictures" posted online shortly afterwards.

Spencer pleaded guilty in September last year to a dozen of the UK's Computer Misuse Act offences, nine counts of voyeurism and five counts of making an indecent photograph of a child. On top of his 32-month sentence, handed down late last week, he was put on the Sex Offenders' Register for life and handed a Sexual Harm Prevention Order for 10 years.

In addition to iCloud hacking, Spencer had also filmed women and children getting changed in his local leisure centre with hidden cameras.

Detective Sergeant Ian Collins of Essex Police's Cyber Crime Team commented: "Spencer was not able to access any accounts secured with 2FA as he would have needed the mobile phone of the victims at the same time."

The policeman added that Spencer's sordid secret lifestyle "went hidden for many years until we received just a single report that revealed much, much more… he used his specialist knowledge to hack his unsuspecting victims' accounts and then accessed their most intimate photographs for his own sexual purpose and that of others."

No details were given of what software Spencer was using, though a simple online search throws up millions of results which may or may not actually work. The Register has asked Essex Police for more information and will update this article if the force responds.

The force said it was conducting a larger investigation into iCloud account hacking, partially triggered by its investigation into Spencer. The force appears to be a fan of using the Computer Misuse Act (CMA) against hackers.

Academics and campaigners have called for the CMA to be reformed for the modern era, arguing that because there is no specific sentencing guideline for judges to use, jail terms handed down to CMA criminals are inconsistent. The Crown Prosecution Service's London tentacle recently slapped a last-second fraud charge onto a man who admitted hacking the National Lottery, a wise decision from the prosecutors' perspective when the judge used that as the basis for handing down a nine-month prison sentence.

Previous research by The Register found that prison sentences under the CMA tend to be measured in months rather than years. ®