Londoner Kerem Albayrak threatened to factory reset 319 million iCloud accounts in 2017 – but authorities say he was only seeking ‘fame and fortune’
A North London man who tried to blackmail Apple in 2017 has received no jail time after pleading guilty to the offence.
Kerem Albayrak, 22, of North London, was given a two-year suspended jail term, and was sentenced to 300 hours of unpaid work and a six-month electronic curfew at Southward Crown Court on Friday.
His trial followed an investigation by the National Crime Agency (NCA), which said Albayrak acted as the public face of a hacking group called the “Turkish Crime Family”.
The NCA has not announced the arrests of other members of the group.
In March of 2017 Albayrak emailed Apple’s security staff, saying he had 319 million iCloud account details that he would turn over to hackers unless Apple gave him $75,000 (£58,000) in crypto-currency or one thousand $100 iTunes gift cards.
Albayrak also threatened to factory reset the accounts.
One week later Albayrak filmed himself accessing random iCloud accounts and posted the video on YouTube, sending the link to Apple security. He then increased his demand to $100,000.
Apple contacted law enforcement in the UK and the US and the NCA led the investigation on the British side.
Officers from the NCA’s Cyber Crime Unit arrested Albayrak at his address in North London on 28 March, 2017, seizing digital equipment including his phone and computers.
‘Fame and fortune’
They found no evidence that Albayrak had compromised Apple’s systems, with the account details he used having been obtained from previous breaches of third-party services.
Albayrak told investigators he had been “sucked into” the world of cyber-crime, which had made him feel famous.
“During the investigation, it became clear that he was seeking fame and fortune,” said NCA senior investigative officer Anna Smith. “But cyber-crime doesn’t pay.”
She urged victims to report compromises as soon as possible and to retain all evidence.