fbpx
Business

Apple, Meta and Discord deceived by hackers posing as law enforcement to share customer information

The stolen information was used by the hackers to carry out harassment campaigns and financial fraud

Apple and Meta have reportedly handed over customer data to hackers who masqueraded as law enforcement officials, according to a Bloombergreport.

The incident happened in mid-2021 and resulted in the two tech giants giving away customer IP addresses, phone numbers as well as home addresses to the incognito hackers.

Bloomberg says that three people familiar with the situation have reported that the hackers raised an “emergency data request,” which usually happens during a criminal investigation when law enforcement wants information about a specific account. ‘

Requesting said information needs a search warrant signed by a judge, although “emergency data requests” don’t, and are usually raised in life-threatening situations.

According to the report, Snap also received a similar data request from the hackers hiding behind the facade, though it is still unclear whether Snap gave in or not.

“We review every data request for legal sufficiency and use advanced systems and processes to validate law enforcement requests and detect abuse,” a Meta spokesperson told Bloomberg. “We block known compromised accounts from making requests and work with law enforcement to respond to incidents involving suspected fraudulent requests, as we have done in this case.”

“As we have done in this case,” says the spokesperson after the company he works for handed over crucial customer information to the hackers. Nice.

Investigation into the matter has revealed that some entities behind the data breach are minors from the U.K. and the U.S. and had links with a cybercrime group known as “Recursion Team.”

Intelligence found that Recursion is no longer in operation though several of its members are now believed to be in direct affiliation with hacker group Lapsus$, who recently hacked its way into Nvidia, Microsoft, Samsung, Globant and more.

The stolen information was then used by the hackers to carry out harassment campaigns and financial fraud.

In a later update, Discord added that it also received fraudulent “emergency data requests,” and abided.

Source: Bloomberg

Related Articles

Comments