According to reports, Apple, Facebook, and Discord provided user data to hackers posing as law enforcement.

The hackers used “compromised” email accounts to make the requests.

According to a new Bloomberg report, Apple, Facebook, and Discord handed over user data to hackers posing as law enforcement officials. The demands, which were allegedly forged to look like legitimate legal requests, came from legitimate email accounts that had been “compromised.”

According to Bloomberg, Facebook and Apple both provided “basic subscriber details, such as a customer’s address, phone number, and IP address.” According to Krebs on Security, Discord provided “the Internet address history of Discord accounts tied to a specific phone number.” The hackers also targeted Snap, though it’s unclear whether the company provided the requested information.

As Bloomberg points out, it’s not uncommon for companies like Apple and Facebook to turn over data to law enforcement, and these companies have dedicated teams to respond to such requests. Typically, these requests are accompanied by a court order, but there are “emergency” cases when law enforcement asks for data without one, like when someone’s life is believed to be in danger.

In this case, the hackers exploited this emergency process to obtain personal information about specific targets in order to “facilitate financial fraud schemes.” Using hacked email accounts tied to legitimate law enforcement personnel, they were able to fool the companies into handing over the data.

In a statement to Bloomberg, Meta spokesperson Andy Stone said that the company has safeguards in place to verify legal requests and detect abuse. “We block known compromised accounts from making requests and work with law enforcement to respond to incidents involving suspected fraudulent requests, as we have done in this case,” Stone said.

Apple and Snap also pointed to company guidelines, saying they have policies to verify the legitimacy of requests for user data. But these safeguards can fall short if the requests appear to come from email addresses associated with legitimate law enforcement agencies. As Discord told Krebs on Security:

“We can confirm that Discord received requests from a legitimate law enforcement domain and complied with the requests in accordance with our policies. We verify these requests by checking that they come from a genuine source, and did so in this instance. While our verification process confirmed that the law enforcement account itself was legitimate, we later learned that it had been compromised by a malicious actor. We have since conducted an investigation into this illegal activity and notified law enforcement about the compromised email account.”

Interestingly, security researchers have reportedly tied some of the people involved in this scheme to another high-profile hacking group: Lapsus$, whose members allegedly hacked Microsoft and Okta. According to Bloomberg, one person involved with forging the requests is also “believed to be the mastermind behind the cybercrime group Lapsus$.”
