Technology

Apple and Meta mistakenly passed on user data to the scammers: the Bloomberg investigation

99

Apple and Meta – the latter owned by Facebook and Instagram – trusted the fraudsters who pretended to be law enforcement and passed on user data. And although the former denies everything, Bloomberg has evidence.

According to the agency, in January 2021, fraudsters launched a multi-month campaign targeting various technology corporations. The incidents reported by Bloomberg took place in the middle of the year.

What happened

Apple and Meta provided addresses, phone numbers and IP addresses in response to bogus “emergency requests”. Such data usually requires a court decision or a signed warrant, but for emergency requests, under US law, they are not required, as such cases require a very rapid response.

Letters of inquiry sent from compromised e-mail boxes to law enforcement agencies around the world. Simply put, they were hacked by hackers. Three Bloomberg sources said at once that in some cases the requests contained fake signatures of real or fictitious law enforcement officers.

In companies, of course, everything denied.

  • An Apple spokesman referred Bloomberg to a section of his law enforcement instructions.
  • They say that a law enforcement officer who made an emergency request “can be contacted and asked to confirm that Apple was legitimate.”
  • Meta spokesman Andy Stone said the company checks every data request and uses systems to detect abuse.
    We are blocking compromised accounts and cooperating with law enforcement agencies, – he said.
  • Snap, which owns Snapchat, also received a fake request. It is unknown whether she passed on user data, as she did not comment on the case. A Snap spokesman said the company had precautions to detect fraudulent law enforcement inquiries.
  • Krebs on Security also reported a similar case. Hackers forged a request for emergency data to obtain information from the Discord platform. In a statement, Bloomberg Discord confirmed that it also complied with a forged legal request.

Hackers can use the information obtained to harass and financial fraud. According to sources, behind some fake legal inquiries sent to companies during 2021, there are hackers from the group Recursion. Today, it is no longer active, but many of its members continue to carry out attacks under different names.

It is unclear how many times companies have provided data based on forged legal requests. And it is not at all clear how many more such companies have fallen into the trap of fraudsters.

Follow us on Google News
Follow us on Twitter (X)
Follow us on Facebook
You might also like
Technology

Apple removes WhatsApp and Threads from the App Store in China

Mobile world

Apple allows downloading apps from third-party sites in the EU: the end of the App…

Mobile world

Apple switches to a new strategy: iOS 18 will not use cloud servers for AI

Technology

Apple has created AI that can outperform GPT-4 in understanding commands

Comments
Loading...
More Stories

SpaceX cuts off access to satellite internet in three…

Apple removes WhatsApp and Threads from the App Store in…

German drones to be produced in Ukraine

1 of 1,360

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More