Meta, Apple mistakenly gave access to customer data to hackers

Sources close to the matter said that Apple and Meta, the parent company of Facebook, provided customer data to hackers posing as government officials.

According to Bloomberg news agency , Apple and Meta made basic details about subscribers available, such as addresses, phone numbers, and IP addresses of customers in mid-2021 in response to an "urgent data request." ” from the impostor.

Normally, such requests are only provided with a search warrant or subpoena signed by the judge. However, an urgent request does not require a court order. At the moment, it's unclear how many times the companies provided the data after receiving a bogus legal claim.

As reported by Krebs on Security, fake emergency data requests are becoming increasingly common. To perform an attack, a hacker must first gain access to the police department's email system. They then forge an urgent data request sent from the law enforcement agency and describe the potential dangers if the business side does not respond to this request immediately.

Krebs said some hackers are selling access to government emails online, targeting social media platforms to impersonate urgent data requests.

Cybersecurity experts suspect that some hackers masquerade as minors in the UK and US. Accordingly, a minor is also believed to be the head of the Intermet Lapsus$ crime group, which together with accomplices attacked Microsoft, Samsung and Nvidia. Recently, the British city of London police arrested 7 people in connection with the investigation of the Lapsus$ hacker group.

In addition, there is a stream of claims that the chain of attacks last year may have been carried out by the cybercrime group Recursion Team. However, some members of this group are said to have joined Lapsus$ after Recursion Team disbanded.

Officials who are investigating say hackers accessed the accounts of law enforcement agencies in multiple countries and targeted multiple companies in the months since January 2021.

“We review every data request for legal completeness and use advanced systems and processes to verify that law enforcement requests are legitimate, thereby detecting which ones are legitimate. abusive behavior," Meta director of communications and policy Andy Stone said in a statement to The Verge.

For its part, an Apple representative sent Bloomberg its law enforcement guidance, which states: “If a government or law enforcement agency seeks customer data in response to a Request for Information Emergency law enforcement information, government inspectors or law enforcement agencies - who submitted the request - may be contacted and asked to confirm with Apple as to legitimacy."

Meta and Apple are not the only companies affected by fake requests for urgent data. Bloomberg  said the hacker also contacted Snap with a similar fake request, but it's unclear if the company followed through. The Krebs on Security report also includes confirmation from Discord that the platform provided customer information in response to one of the requests from the hacker.

"This tactic poses a disturbing threat in the tech industry," Peter Day, Discord's director of corporate communications, said in a statement. “We will continuously invest in our Trust & Safety to tackle emerging issues like these.”

Snap did not immediately comment on the incident, but a representative said the company has safeguards in place to detect fraudulent claims.

According to Bloomberg's sources, the information obtained by the hackers was used to support disruptive campaigns. Usually, this data can be used mainly in financial fraud schemes. Hackers can rely on the victim's information to bypass the security layer and access the account.  

Operate and exploit advertising by iCOMM Vietnam Media and Technology Joint Stock Company.
116 Thai Ha, Trung Liet Ward, Dong Da District, Hanoi.
Editor in chief: Tran Vo
Tel: (+84) 903076053/7 Fax: (+84) 903030935
Responsible agency: Union of Science and High-Tech Production and Telecommunications (HTI) - Vietnam Academy of Science and Technology
Copyright © 2020 iCOMM Tech JSC