BELOW SUPERNAV drop zone ⇩

Report: Apple, Meta turned over user data to hackers pretending to be law enforcement

FILE – In this Wednesday, Dec. 16, 2020 file photo, the logo of Apple is illuminated at a store in the city center in Munich, Germany. (AP Photo/Matthias Schrader, file)

MAIN AREA TOP drop zone ⇩

MAIN AREA TOP drop zone ⇩

(The Hill) Apple and Facebook parent company Meta turned over user data last year to hackers pretending to be law enforcement officials, Bloomberg reported, citing three people familiar with the matter.

The companies provided user details such as addresses, phone numbers and IP addresses in mid-2021 to the hackers, sources told Bloomberg. The hackers had requested the information via forged “emergency data requests,” which do not require court approval like typical warrants or subpoenas do.

It’s unclear how much data was turned over.

Apple received 1,162 emergency requests from 29 countries between July and December 2020 and turned over data for 93 percent of those, Bloomberg noted. Meta received 21,700 emergency requests from January to June 2021 and turned over data for 77 percent of those requests.

Facebook has been scrutinized for its handling of user data for years following reports that Cambridge Analytica obtained data on tens of millions of the platform’s users.

In a statement obtained by The Hill, Meta spokesperson Andy Stone said, “We review every data request for legal sufficiency and use advanced systems and processes to validate law enforcement requests and detect abuse.”

“We block known compromised accounts from making requests and work with law enforcement to respond to incidents involving suspected fraudulent requests, as we have done in this case,” he said.

An Apple spokesperson pointed The Hill to guidelines that law enforcement agencies seeking customer data may be contacted to confirm the request was legitimate. “The government or law enforcement agent who submits the Emergency Government & Law Enforcement Information Request should provide the supervisor’s contact information in the request,” the guidelines read.

The hackers may have been involved with cyber crime groups Recursion Team or Lapsus$, three people involved in the investigation told Bloomberg.

Lapsus$, a South American hacking group, was responsible for hacking Microsoft, Okta, NVIDIA and Vodafone earlier this year.

The user data may have been used to engage in financial fraud schemes, sources told Bloomberg. One person familiar told the outlet that the information has been used for harassment campaigns.

Cybersecurity blog Krebs on Security reported on Tuesday that criminal hackers are now using illegal access to police email systems to send fake emergency data requests in order to obtain private data.

Hackers using this method will send fake requests to companies and claim that if the data they ask for isn’t provided immediately, innocent people will be subjected to significant suffering or death, according to the blog.

Cybersecurity

Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed

Site Settings Survey

 

MAIN AREA MIDDLE drop zone ⇩

Trending on NewsNation

MAIN AREA BOTTOM drop zone ⇩

tt

KC Chiefs parade shooting: 1 dead, 21 shot including 9 kids | Morning in America

Witness of Chiefs parade shooting describes suspect | Banfield

Kansas City Chiefs parade shooting: Mom of 2 dead, over 20 shot | Banfield

WWE star Ashley Massaro 'threatened' by board to keep quiet about alleged rape: Friend | Banfield

Friend of WWE star: Ashley Massaro 'spent hours' sobbing after alleged rape | Banfield

Sunny

la

66°F Sunny Feels like 66°
Wind
4 mph SSW
Humidity
33%
Sunrise
Sunset

Tonight

Partly cloudy skies early will give way to cloudy skies late. Slight chance of a rain shower. Low 52F. Winds light and variable.
52°F Partly cloudy skies early will give way to cloudy skies late. Slight chance of a rain shower. Low 52F. Winds light and variable.
Wind
5 mph SW
Precip
15%
Sunset
Moon Phase
Waxing Gibbous