Politics

Apple And Meta (Facebook) Duped Into Giving User Data To Hackers Posing As Law Enforcement


Hackers tricked Apple and Meta, the parent company of Facebook, into giving them user data by posing as law enforcement officers with forged legal requests.

In mid-2021, Apple and Meta handed over basic subscriber details including customer addresses, phone numbers and IP addresses in response to fake “emergency data requests.” Typically, search warrants or subpoenas must be signed by a judge, but this is not the case with emergency requests — they do not require a court order, Bloomberg reported.

The user data handed over by Apple and Meta may have been used to conduct financial fraud, sources said.

It’s unclear how much data was turned over.

Between July and December 2020, Apple received 1,162 emergency requests from 29 countries and turned over data for 93 percent of the requests. From January to June 2021, Meta received 21,700 emergency requests and turned over data for 77 percent of those requests, The Hill reported.

Meta spokesperson Andy Stone told The Hill, “We review every data request for legal sufficiency and use advanced systems and processes to validate law enforcement requests and detect abuse.

“We block known compromised accounts from making requests and work with law enforcement to respond to incidents involving suspected fraudulent requests, as we have done in this case.”   

An Apple spokesperson told The Hill that Apple was following the guidelines that outline which law enforcement agencies can seek customer data.

Listen to GHOGH with Jamarlin Martin | Episode 74: Jamarlin Martin Jamarlin returns for a new season of the GHOGH podcast to discuss Bitcoin, bubbles, and Biden. He talks about the risk factors for Bitcoin as an investment asset including origin risk, speculative market structure, regulatory, and environment. Are broader financial markets in a massive speculative bubble?

“The government or law enforcement agent who submits the Emergency Government & Law Enforcement Information Request should provide the supervisor’s contact information in the request,” the guidelines read.

It’s been reported that the hackers may be a group of teenagers who are behind other cyberattacks. They may also be involved with cybercrime groups Recursion Team or Lapsus$, sources involved in the investigation told Bloomberg.

The South American hacking group Lapsus$ was responsible for hacking Microsoft, Okta, NVIDIA, and Vodafone in early 2022.

Photo: Tero Vesalainen / iStock https://www.istockphoto.com/portfolio/TeroVesalainen?mediatype=photography



Related Articles

Leave a Reply

Your email address will not be published.

Back to top button