It sounds funny, but it happened. The world’s largest technology giants Apple and Meta have reportedly handed users’ data to hackers impersonating authorities. According to a report by Bloomberg. The slip-up happened in mid-2021, with both company Apple and Facebook falling for the phoney requests and providing information about users’ IP addresses, phone numbers, email and home addresses.
Law enforcement officials often request data from any social platform or tech company in connection with criminal investigations, allowing them to obtain information about the particular account owner. Normally, such requests are only provided with a search warrant or subpoena signed by a court, according to the people. However, emergency requests don’t require a court order.
Another company Snap Inc also received the same legal request from the same hackers, but it isn’t known whether the company provided data in the response or not. It’s also not clear how many times these companies or other platforms provided data prompted by forged legal requests.
Hackers affiliated with a cybercrime group known as the “Recursion Team” are believed to be behind some of the forged legal requests n the US and UK, which were sent to companies throughout 2021, according to the three persons who are involved in the investigation.
The Recursion Hacker group is no longer active, but many of its members continue to carry out hacks under different names, including as part of Lapsus$, according to a report.