Sydney man receives one year jail sentence for unlawfully accessing iCloud accounts

A 48-year-old Sydney man has been sentenced to one year’s imprisonment for illegally accessing iCloud accounts of unsuspecting women to share their sexualised photos with strangers and 10 months’ imprisonment for possessing child abuse material.

Australian Federal Police Cybercrime Operations began an investigation, known as Operation Ipone in July 2016 following a report from the US Federal Bureau of Investigations (FBI) about an online user from Rooty Hill, NSW who was illegally accessing sexualised videos and images from private Gmail accounts.

The person offering his services in various online forums was identified as a 48-year-old man residing in Parramatta, NSW at the time.

The AFP gathered further evidence about the second man’s illegal activities, and he was arrested in September 2018. He was charged with:

  • Three counts of accessing and modifying restricted data, knowing that the access was unauthorised, contrary to section 478.1(1) of the Criminal Code (Cth); and
  • One count of possessing child abuse material, contrary to Section 91H(2) of the Crimes Act 1900 (NSW).

The 48-year-old man pleaded guilty to these offences at the Downing Centre District Court on 16 October 2020.

On many occasions the man was offered money for this services, but instead requested the individual allow him to keep copies of the files for himself.

The man unlawfully accessed 92 iCloud accounts between May 2013 and December 2015.

Forensic analysis of storage devices seized during the search warrant at his residence in September 2018 revealed a large quantity of sexualised images and videos belonging to his victims, whose private accounts he had compromised.

Further analysis of the evidence also identified child abuse material on multiple electronic devices.

The man was sentenced to jail on 1 October 2021 at the Downing Centre District Court.

He received one year’s imprisonment, with a non-parole period of three months to start from 1 January 2022. He was also sentenced to 10 months’ imprisonment, with a non-parole period of six months to start from 1 October 2021.

The man is eligible for parole on 31 March 2022.

“Your private images and videos are just that, private. This was a gross self-serving invasion of privacy that should never have occurred. No person should have their private images taken from them and given to complete strangers,” Det. Supt. Marden said.

“The AFP strongly encourages Australians to set tough passwords with a mixture of letters, numbers and symbols, limit the amount of personal information they share on social media and online forums, and regularly change their passwords and security questions.”

“Taking these small steps will make it difficult for cybercriminals to hack into your accounts and invade your privacy.”

If you are a victim of cybercrime, you can report it online or contact the Australian Cyber Security Hotline on 1300 CYBER1 (1300 292 371).

Members of the public who have any information about people involved in child abuse and exploitation are urged to call Crime stoppers on 1800 333 000.

You can also make a report online by alerting the Australian Centre to Counter Child Exploitation via the Report Abuse button.

/Public Release. View in full here.