Apple and Meta shared user data with hackers who used forged requests

By Akshay Kedari

Tech giants Apple Inc., and Meta Inc. have reportedly shared user data with hackers who pretended to be part of an emergency data order request that law enforcement officials typically conduct.



It is worth noting that law enforcement officials often ask for data from social platforms for reference in criminal investigations, which allows them to access information about a specific online account and its owner. While data requests usually call for a search warrant signed by a judge or a subpoena, emergency data requests don’t have such requirements — and are usually demanded in life-threatening situations.



But fake emergency data requests have become increasingly common in recent times. Hackers first access a police department’s email systems and forge an emergency data request that emphasizes the lash back of not complying with the request. Companies, believing these to be genuine requirements send them the data.



Sources also revealed that certain hackers have been earning from selling government email access online, specifically aimed at creating false emergency data requests for social platforms. A majority of bad actors creating such fake requests have been determined to be teenagers, and cybersecurity experts think the teen mastermind behind the infamous Lapsus$ hacking gang could be responsible for this scam as well.



It is worth noting that London police have detained and arrested seven teens who may be part of the group.



Apple’s law enforcement guidelines clearly state that if a law enforcement agency or government asks for customer data as part of an emergency information request, a supervisor of the law enforcement agent or government that submitted the request can be asked to confirm that the emergency request was legitimate.



Meta and Apple aren’t the only companies that have fallen victims to such fake emergency data requests. Some hackers had also tried to gain access to Snap’s data with forged requests, but it is yet to be known whether the company followed through.



Source Credits –



https://www.theverge.com/2022/3/30/23003600/apple-meta-shared-data-hackers-pretending-law-enforcement-officials

About Author

Akshay Kedari

A qualified computer engineering graduate, Akshay Kedari takes pride in having his way with words. Following his passion for content creation, he writes insightful pieces on aeresearch.net and a few other portals. Also endorsed with a short-term experience in web development, Akshay lends expertise ...

Read More