Apple and Meta, the parent company of Facebook, have reportedly provided customer data to hackers.
The companies shared the data in response to fake emergency data requests by hackers, which portrayed them as law enforcement officials, according to reports.
Both the companies provided subscriber details, such as an address, phone number and IP address in mid-2021 in the forged emergency data requests.
While such requests are only provided with a search warrant or subpoena signed by a judge, the emergency requests don’t require a court order.
As part of criminal investigation, law enforcement around the world routinely asks social media platforms for information about users.
Moreover, reports also suggested that Snap Inc., the parent company of Snapchat, and gaming social media Discord also received a similar legal request forged by the same hackers.
READ | Elon Musk conducts poll for 'edit' button on Twitter after becoming top shareholder of micro-blogging site
Who’s behind the forged legal requests?
It is being said that hackers affiliated with a cybercrime group known as the “Recursion Team” are believed to be behind some of the forged legal requests.
The group sent such fraud emergency data requests to technology firms throughout 2021 but now remains inactive.
The information obtained by the hackers using the forged legal requests has been used to enable harassment campaigns.
As per reports, the forged legal requests are part of a months-long campaign that targeted many technology companies and began as early as January 2021.
Such requests are believed to be sent via hacked email domains belonging to law enforcement agencies in multiple countries.
Both Apple and Meta publish data on their compliance with emergency data requests.
According to its report, Apple provided data in response to 93% of those requests in July – December 2020.
Whereas, Meta said it received 21,700 emergency requests from January to June 2021 globally and provided some data in response to 77% of the requests.
