Apple and Meta gave hackers access to consumer data. According to reports, the hackers impersonated law enforcement’s emergency data request orders. Surprisingly, the blunder occurred in mid-2021. Both organisations succumbed to the bogus demands and divulged information such as consumers’ IP addresses, phone numbers, and home locations.
How Did The Leakage Occur?
According to reports, the requests for emergency data began in January 2021. Furthermore, the bogus legal requests were thought to be credible after being signed by fictitious law enforcement officers. The fabricated documents were subsequently submitted to Meta and Apple via bogus email addresses from various government agencies around the world.
In the course of criminal investigations, law enforcement officials frequently request data from social media networks. This enables them to learn more about the owner of a given internet account. A subpoena or search warrant signed by a court is usually required for these inquiries. Emergency data requests, on the other hand, do not require these procedures and are designed for cases involving life-threatening conditions.
The Perpetrators
Fake emergency data requests are getting more prevalent. Hackers must first obtain access to a police department’s email systems in order to launch an attack. They take on the persona of a law enforcement officer. The hackers can then create a forged emergency data request that describes the potential threat of not receiving the desired data immediately.
According to Bloomberg, the vast majority of unscrupulous actors who carry out these bogus requests are teens. The perpetrators of the false emergency requests were thought to be minors from the United States and the United Kingdom. Since then, seven teenagers have been arrested in connection with the gang by London police. One hacker is said to be affiliated with one of two hacking gangs, Recursion Team or LAPSUS$.
LAPSUS$ is a South American collective suspected of being behind hacks against tech corporations such as Microsoft, Samsung, and Nvidia. However, last year’s wave of attacks may have been carried out by members of a cybercriminal organisation known as Recursion Team. Despite the fact that the organisation has disintegrated, some of its members have joined Lapsus$ under various names.
At this point, it is unknown whether the impersonation of law enforcement was carried out by LAPSUS$ or Recursion Team.
Endnote
Meta and Apple aren’t the only companies known to have been targeted by bogus emergency data requests. According to Bloomberg, hackers also contacted Snap with a bogus request, but it’s unclear whether the firm followed through. The article from Krebs on Security also contains confirmation from Discord that the company sent up information in response to one of these bogus requests.
