Comment Re:Not only iCloud at fault (Score 1) 336
Looking at the EXIF data attached to the photographs, where it's available, and the structure of the filenames I can see that only some of them came from iPhones/iCloud. I can also see photographs from Android phones (Nexus 7 and Samsung Galaxy 5s) likely acquired via Google Drive, other photographs clearly taken from Dropbox accounts (the dumps include default dropbox files), and many clearly taken from Twitter and Facebook private messages (filenames are a dead giveaway). Some of the filenames look like those you would get from a recovery or backup programme rather than an auto generated one, which chimes with what victims have said on Twitter regarding deleting the images months or even years ago. In any case there are clearly multiple sources and as usual Apple Derangement Syndrome is in full swing. Likely as not this was related to the heartbleed bug. Large amounts of passwords were acquired around that time, and were probably being used on multiple services. It's equally possible that this wasn't a breach at Apple et al but a breach of Amazon Web Services or Microsoft's Azure as those services are used to backup data from iCloud, Google Drive, and many others. What's worse for some of the celebs is that the pictures contain GPS data that could compromise their homes.
The Jennifer Lawrence pictures looks like they span 2-3 years. Each set has different hair colors, body shapes. My first thought was upgraded cell phones - phones that were reset but the data was still there when the user got a new phone.
The common link between these stars could be a phone retail outlet. Maybe an employee there would take the old phones, make copy of the internal flash memory before it was shipped off somewhere else.