Apple and Facebook parent company Meta handed over user data last year to hackers posing as law enforcement officials, Bloomberg reported.
The companies provided data of users, such as addresses, phone numbers and IP addresses in the middle of 2021.
The hackers had requested the information through Forged ’emergency data requests’, which do not require court approval as typical warrants or citations do.
It is not clear how much data was given to the hackers.
Apple received 1,162 emergency requests from 29 countries between July and December 2020 and provided data for 93% of them. Meta received 21,2020 emergency requests from January to June 2021 and provided data for 77% of those requests.
Facebook has come under scrutiny for years for its handling of user data following reports that Cambridge Analytica obtained data on tens of millions of Facebook users.
Meta spokesman Andy Stone said: “We review each data request for legal sufficiency and use advanced systems and processes to validate data requests. law enforcement and detect abuse.”
“We block known compromised accounts from making requests and work with law enforcement to respond to incidents involving suspected fraud requests, such as we have done in this case”, added Stone.
The hackers may have been involved with the groups s of cyber crimes ‘Recursion Team’ or ‘Lapsus$’.
It is worth mentioning that Lapsus$, a South American hacking group, was responsible for hacking Microsoft, Okta, NVIDIA and Vodafone companies earlier this year.
Data from users may have been used to participate in financial fraud schemes
The cybersecurity blog Krebs on Security reported that hackers are now using illegal access to police email systems to submit fake emergency data requests to obtain private data.
Hackers using this method send bogus requests to companies saying that if the data they request is not provided immediately, innocent people (supposed potential victims) will be subject to significant suffering or death.
You may also be interested in:
– Usua Twitter rio sentenced to 150 hours of community service for posting ‘offensive’ tweet about war veteran
– Hacker steals more than $600 million dollars in cryptocurrencies from the online game Axie Infinity
– Four actions that prove that Anonymous hackers declared cyber war on Russia for the invasion of Ukraine