Apple and Meta shared data with hackers pretending to be law enforcement officials

Apple and Meta handed over user data to hackers who faked emergency data request orders typically sent by law enforcement, according to a report by Bloomberg. The slip-up happened in mid-2021, with both companies falling for the phony requests and providing information about users’ IP addresses, phone numbers, and home addresses.

Law enforcement officials often request data from social platforms in connection with criminal investigations, allowing them to obtain information about the owner of a specific online account. While these requests require a subpoena or search warrant signed by a judge, emergency data requests don’t — and are intended for cases that involve life-threatening situations.

Fake emergency data requests are becoming increasingly common, as explained in a recent report from Krebs on Security. During an attack, hackers must first gain access to a police department’s email systems. The hackers can then forge an emergency data request that describes the potential danger of not having the requested data sent over right away, all while assuming the identity of a law enforcement official. According to Krebs, some hackers are selling access to government emails online, specifically with the purpose of targeting social platforms with fake emergency data requests.

As Krebs notes, the majority of bad actors carrying out these fake requests are actually teenagers — and according to Bloomberg, cybersecurity researchers believe the teen mastermind behind the Lapsus$ hacking group could be involved in conducting this type of scam. London police have since arrested seven teens in connection with the group.

But last year’s string of attacks may have been performed by members of a cybercriminal group called Recursion Team. Although the group has disbanded, some of its members have joined Lapsus$ under different names. Officials involved in the investigation told Bloomberg that hackers accessed the accounts of law enforcement agencies in multiple countries and targeted many companies over the course of several months starting in January 2021.

“We review every data request for legal sufficiency and use advanced systems and processes to validate law enforcement requests and detect abuse,” Andy Stone, Meta’s policy and communications director, said in an emailed statement to The Verge. “We block known compromised accounts from making requests and work with law enforcement to respond to incidents involving suspected fraudulent requests, as we have done in this case.”

When asked for comment, Apple directed The Verge to its law enforcement guidelines, which state: “If a government or law enforcement agency seeks customer data in response to an Emergency Government & Law Enforcement Information Request, a supervisor for the government or law enforcement agent who submitted the Emergency Government & Law Enforcement Information Request may be contacted and asked to confirm to Apple that the emergency request was legitimate.”

Meta and Apple aren’t the only known companies affected by fake emergency data requests. Bloomberg says hackers also contacted Snap with a forged request, but it’s not clear if the company followed through. Krebs on Security’s report also includes a confirmation from Discord that the platform gave away information in response to one of these fake requests.

“This tactic poses a significant threat across the tech industry,” Peter Day, Discord’s group manager for corporate communications, said in an emailed statement to The Verge. “We are continuously investing in our Trust & Safety capabilities to address emerging issues like this one.”
