Apple, Facebook Allegedly Gave User Data to Hackers After They Portrayed Themselves as Law Enforcement Officials

Omar Sohail
Apple, Facebook Allegedly Gave User Data to Hackers After They Portrayed Themselves as Law Enforcement Officials

In the middle of 2021, Apple and Facebook reportedly provided user data to a hacker group that was masquerading as law enforcement personnel. Under this guise, these hackers were able to ask for various details that came under ‘emergency data requests.’

For Emergency Data Requests, Individuals Do Not Need to Provide Companies Like Apple and Facebook With a Search Warrant

These ‘emergency data requests’ included customers’ phone numbers, IP, and physical addresses, which were provided to hackers without a search warrant. Typically, Apple and Facebook do not hand over data to people unless a warrant or subpoena is submitted by a judge. Unfortunately, this details request does not apply to emergency data ones because they are used in rare and dangerous cases.

Related StoryOmar Sohail
EU Releases New Official Deadline for When Apple, Other Companies Must Switch iPhones and Other Devices to USB-C

As reported by Bloomberg, Apple directed the publication to its law enforcement guidelines when pressed for further information. The hacker group, known as ‘Recursion Team,’ also managed to obtain the same information through ‘emergency data requests’ from Facebook parent company Meta. Snapchat also received a forged legal request from the same group, but it is unconfirmed if the company entertained such a request.

According to cybersecurity researchers, these hackers could be minors located in the U.S. and U.K., while one of them could be the mastermind of the Lapsus$ group that stole valuable data from both NVIDIA, Microsoft, and Samsung. These ‘emergency data requests’ were sent to Facebook, Apple, and Snapchat from various hacked email domains that belonged to law enforcement officials from different countries.

These requests were also cleverly crafted to look legitimate by including forged signatures of actual and conjured-up law enforcement officers. In a statement, Meta states that it is working with law enforcement to evaluate such requests. It is unclear how the Recursion Team will exploit this data, but if Snapchat was also included in the list of companies that received those ‘emergency data requests,’ there could be others.

At this stage, we are unaware of the danger that customers’ data will be subjected to by the hacker group, but we will keep you in the loop.

News Source: Bloomberg

Share this story

Deal of the Day