The man responsible for leaking explicit photos of dozens of celebrities back in 2014 has been formally charged today. According to a post on the Department of Justice website, a man from Pennsylvania has been charged with felony computer hacking after obtaining access to Gmail and iCloud accounts of more than 100 different people, the majority of whom were celebrities.

The hacker, 36-year-old Ryan Collins, has signed a plea agreement and agreed to plead guilty to a felony violation of the Computer Fraud and Abuse Act. Colin was charged in Los Angeles, but the case will be transferred to Harrisburg, Pennsylvania, where Collins is expected prison sentence of 18 months, although it could be as long as five years.

In addition to revealing sentencing details, however, the filing also reveals more details as to how Collins was able to obtain access to the accounts of the affected celebrities. According to the filing, Collins engaged in a phishing scheme between November 2012 and September 2014. Collins would apparently send emails to celebrities that appeared to be from Apple or Google and asked for login details. Once Collins had those details, he was able to access email accounts and iCloud accounts. From there, Collins obtained information such as nude images and videos, as well as phone numbers. In the case of Apple accounts, Collins would download the entire contents of the victim’s iCloud backup, as well.

While Collins accessed at least 50 iCloud accounts and 72 Gmail accounts, law enforcement has still been unable to prove that he was the person who shared the nude images on the internet, so if that evidence is discovered, it could potentially lengthen his sentence.

We reported on the initial iCloud hack back in 2014, but details were unknown at the time. Apple said that it was “actively investigating” the alleged hacking, but we now know that Apple played a small role in the process, as it was the celebrities who fell victim to phishing scams.

The full report can be read below:

            LOS ANGELES – A Pennsylvania man was charged today with felony computer hacking related to a phishing scheme that gave him illegal access to over 100 Apple and Google e-mail accounts, including those belonging to members of the entertainment industry in Los Angeles.

Ryan Collins, 36, of Lancaster, Pennsylvania, has signed a plea agreement and agreed to plead guilty to a felony violation of the Computer Fraud and Abuse Act. In the plea agreement also filed today, Collins agreed to plead guilty to one count of unauthorized access to a protected computer to obtain information.

Although Collins has been charged in Los Angeles, the parties have agreed to transfer the case to Harrisburg in the Middle District of Pennsylvania, near Collins’ home, for the entry of his guilty plea and sentencing. Once he enters the guilty plea, Collins will face a statutory maximum sentence of five years in federal prison. The parties have agreed to recommend a prison term of 18 months, but that recommendation will not be binding on the sentencing judge.

“Today, people store important private information in their online accounts and in their digital devices,” said United States Attorney Eileen M. Decker. “Lawless unauthorized access to such private information is a criminal offense. My Office remains committed to protecting sensitive and personal information from the malicious actions of sophisticated hackers and cyber criminals.”

According to factual basis in the plea agreement, from November 2012 until the beginning of September 2014, Collins engaged in a phishing scheme to obtain usernames and passwords for his victims. He sent e-mails to victims that appeared to be from Apple or Google and asked victims to provider their usernames and passwords. When the victims responded, Collins then had access to the victims’ e-mail accounts. After illegally accessing the e-mail accounts, Collins obtained personal information including nude photographs and videos, according to his plea agreement. In some instances, Collins would use a software program to download the entire contents of the victims’ Apple iCloud backups.

The charge against Collins stems from the investigation into the leaks of photographs of numerous female celebrities in September 2014 known as “Celebgate.” However, investigators have not uncovered any evidence linking Collins to the actual leaks or that Collins shared or uploaded the information he obtained.

Many of Collins’ victims were members of the entertainment industry in Los Angeles. By illegally accessing the e-mail accounts, Collins accessed at least 50 iCloud accounts and 72 Gmail accounts, most of which belonged to female celebrities.

“By illegally accessing intimate details of his victims’ personal lives, Mr. Collins violated their privacy and left many to contend with lasting emotional distress, embarrassment and feelings of insecurity,” said David Bowdich, the Assistant Director in Charge of the FBI’s Los Angeles Field Office. “We continue to see both celebrities and victims from all walks of life suffer the consequences of this crime and strongly encourage users of Internet-connected devices to strengthen passwords and to be skeptical when replying to emails asking for personal information.”

The case against Collins is the product of an ongoing investigation by the Federal Bureau of Investigation.