Apple And Meta Fell For A Fake 'Emergency Data Request' Scam
Apple and Meta reportedly handed over user data to hackers in 2021 after falling for an elaborate 'Emergency Data Request' scam. Cyber-crime and online scams have been on the rise over the years and reached a crescendo during the pandemic. According to the FBI, 2021 was an especially bad year for digital safety, with victims losing nearly $7 billion to online attacks, scams, and hacks.
Law enforcement officials routinely request user data from major tech companies, such as Apple, Google, Meta, and Microsoft, but most of these companies only hand over data when presented with a warrant or subpoena. However, in the case of emergency requests, most of them comply in good faith, especially if they believe that the request involves a threat to a person's life or public safety.
According to Bloomberg, Facebook's parent company Meta and fellow American tech giant Apple handed over user data to hackers pretending to be law enforcement officials. The report, which cites three people familiar with the matter, claims that the companies provided addresses, phone numbers, and IP addresses of their users after being served with an emergency data request that later turned out to be forged. While the malicious actors are yet to be identified, investigators believe that they're likely to be teenagers based in the U.S. or U.K. In fact, one of the people involved in the scam is suspected to be the mastermind behind the cyber-crime group 'Lapsus$', which was recently in the news for hacking Microsoft, Samsung, and Nvidia.
According to the report, the forged documents are believed to be the creations of a cyber-crime syndicate known as 'Recursion Team.' While that group is no longer active, many of its members are said to be working online under different names, including the aforementioned Lapsus$. Neither Apple nor Meta discussed the specifics of the case with Bloomberg when contacted. Instead, the spokespersons for both companies released vague statements about how they handle data requests from law enforcement and the precautions taken to avoid leaking data to malicious parties.
The forgeries and the fake data requests are believed to have started around January 2021 and were sent to companies throughout the year. The data obtained through these fraudulent requests is believed to have then been used for 'harassment campaigns', although experts believe that the information might eventually be used for financial fraud. As for how these fraudulent requests were sent in the first place, investigators say that the hackers likely used compromised email domains of law enforcement agencies in various countries. Experts believe the fake documents were likely based on real documents, which were used as templates for the forgeries.
Alongside Apple and Meta, Snapchat is also believed to have received similar forged emergency data requests from the same group of cyber-criminals, but it's not immediately clear if the company complied with those requests. When contacted, a Snap spokesperson refused to discuss the issue with Bloomberg, but claimed that the company has safeguards in place to differentiate between real requests from law enforcement and fraudulent activities from hackers and malicious actors.
Source: Bloomberg