PRIVACY

Man Connected To Pippa Middleton Hack Reveals Exclusive Details

In interview conducted shortly before an arrest in the Pippa Middleton hack, "Crafty Cockney" says media offering seven-figures for stolen photos

PRIVACY
Pippa Middleton’s iCloud account was recently hacked. — REUTERS
Sep 25, 2016 at 11:05 AM ET

Update: The man arrested Saturday, later identified as Nathan Wyatt, has been released on bail.

Britain’s royal family has been in the throes of another headline-making scandal. This time, the scandal involves Pippa Middleton, the younger sister of Kate Middleton, the Duchess of Cambridge. Pippa Middleton’s iCloud account was hacked, and what are claimed to be 3,000 images — allegedly including images of the Duchess of Cambridge and her children, Pippa’s wedding dress fittings, and nude pictures of Pippa’s fiancé, financier James Matthews — are up for sale to the highest bidder. Middleton’s lawyers issued a statement confirming that her account was hacked, and police have already made an arrest in the case, although the arrest may not be the end of the royals’ problems.

Before the Metropolitan police announced the arrest of a 35-year-old Northamptonshire man in connection with the Pippa Middleton hack, Vocativ conducted an exclusive interview over Friday and Saturday with “Crafty Cockney,” a man claiming to represent the hacker or hackers in their quest to sell the stolen photographs. His personal details, known previously to Vocativ, match the information on the arrested individual, and the interview was interrupted mid-sentence on Saturday afternoon, shortly before the announcement of an arrest in the case.

On Friday, Crafty Cockney, who also uses the online moniker “mas,” sent an email to news outlets and tabloids in the UK and U.S. with the subject line, “Naked Pics & Royal Family Pics.” Within seven hours, Crafty Cockney was in negotiations with several of them, he told Vocativ in an exclusive interview on Saturday.

Crafty, who is known to this journalist from prior communications concerning other investigations, told Vocativ that even if one of the UK outlets had offered more than 50,000, the minimum price for the hacked photographs stated in the email, the seller never had any intention of making a UK sale. According to Crafty, they were simply playing the UK media to help establish the authenticity of the photos and therefore generate interest among U.S. outlets.

“Who would set up this type of deal in the UK after Leveson?” he said, referring to the public inquiry into the conduct and ethics of news media after the News of the World phone hacking scandal. “But in the same vein, nobody believes the crap that’s on the front of The National Enq or OK etc….So the key was Authenticity, Exposure &Validity…”

“The UK press played into our hands. I had no intention of selling them anything. But they have printed their authenticity. That’s half the difficulty done for me,” he informed Vocativ in an encrypted chat. “That was the plan from the start.”

The final deadline for making offers, Crafty told Vocativ, was to be 4 p.m. GMT on Sunday. And according to him, negotiations were still ongoing as of Saturday afternoon, Eastern Time. Crafty claimed that he had already received one seven-figure offer.

Despite The Sun’s characterization of him as a “shadowy cyberthief,” a “crook,” and a “hacker,” Crafty says that he is not a hacker and is acting solely as an agent for the individual(s) wanting to sell the material. “I’m not a hacker,” he said, “Neither did i commit the hack. I’m of the community, but in all honesty I surprise myself I managed to get simple encryption working.”

“Not to stereotype, but your average Hacker or Anyone really with a high intellect finds it hard to communicate outside their own social circles… So they come to me for a way to turn what they consider value into actual money. Simply put, I’m a middle man/translator for the community.”
In this case, Crafty said he was working for what he believes to be a single individual.

When asked how the hacker gained access to Middleton’s iCloud account, he told Vocativ, “I have no knowledge by choice….the reasons being it would have no bearing on anything I do in regards to my help to broker a deal with whomever it would be.” Then after a brief pause, he added, “And mainly because I would have absolutely no idea what they were talking about.”

As of the time our last contact, Crafty was clear that he believed the sale would ultimately be to a U.S. publication, although he was unwilling to state who the current high bidder was.

With Scotland Yard on the case and the significant public interest, Vocativ asked Crafty why he had had used known nicknames (“Crafty Cockney” and “mas”), as he had used those handles online and there could be digital footprints leading to his real identity. His answer was that he took the opportunity for a bit of self-promotion. “I guess I saw a bit of personal limelight – a nick[name] in my world means so much more than a nick[name] in the press.” When asked, in a follow-up question, whether he was saying that he did it to get future business, he replied, “To a degree yes …. I would imagine I will get a lot more people come to me for advice… should I need to communicate with anyone in the future. Well [reputation] is everything I believe.”

Vocativ’s interview with Crafty Cockney was interrupted, mid-sentence, shortly before 3:00 p.m. ET. At approximately 6:30 p.m. ET, The Daily Mail reported that Scotland Yard had announced an arrest in a computer crime. A Metropolitan Police spokesperson provided Vocativ with the following statement:

Detectives investigating the hacking of a personal iCloud account have made an arrest. On Saturday evening, 24 September a 35-year-old man was arrested at an address in Northamptonshire. He was arrested on suspicion of a Computer Misuse Act offence and is being taken into custody at south London police station. Enquiries continue.

When asked to confirm that the arrestee was the individual known as “Crafty Cockney” or “mas,” the spokesperson made no further comment on the identity of the man, citing the ongoing investigation.

Although the Metropolitan Police did not name the suspect or indicate any nicknames used by the man, the age and location match information Crafty Cockney had previously provided to Vocativ, and Vocativ has been unable to re-establish contact with Crafty Cockney in chat or via secondary communication methods since Saturday afternoon.

If the man arrested was indeed Crafty Cockney and he was simply a broker and not the hacker, as he claims, then the pictures are still out there and the hacker(s) may be looking for another broker. The arrest may bring the royal family and Pippa Middleton a small measure of comfort, but it may not be the end of the story or the threat to their privacy. In any event, the arrest has certainly put another twist in an already twisted plot.

Note: Some quotes from Crafty Cockney have been corrected for typos, as per his request before he spoke with Vocativ.

Dissent Doe is the pseudonym of a privacy advocate who reports on privacy issues and data security breaches on PogoWasRight.org and DataBreaches.net. Her research on breaches has fueled resources such as DataLossDB.org and InfoisBeautiful, and has served as the basis for a number of Federal Trade Commission investigations. In conjunction with Protenus, Inc., she provides a monthly analysis of breaches in the healthcare sector.