Apple And Meta Shared Their Users’ Data With Hackers Posing As Government Officials

Hackers related to the Lapsus$ group would have pretended to be government officials to request private data from Meta and Apple. According to Bloomberg, Apple and Meta were leaking user information to attackers who spoofed emergency data requests from government agencies.

One of the key suspects is the teenager who would currently lead Lapsus$, which has been on everyone’s lips after the attacks on Microsoft, Samsung or Nvidia, although at that time, he was part of another group of hackers.

Typically, requests from law enforcement are processed by companies on a warrant or document that is signed by a judge. However, The emergency data request (EDR) does not require a court decision. it is a kind of legal procedure that can be used by security agents in order to obtain the necessary information from a user to be able to carry out an investigation

According to Krebs On Security, the perpetrators used some emails, previously hacked, linked to legitimate law enforcement personnel, thus successfully tricking companies into handing over the data without further suspicion.

And it is not uncommon for companies like Apple and Facebook to receive requests of this type from law enforcement, even having teams entirely dedicated to responding to these requests.

It is only known that the attackers were associated with the Recursion Team hacker group. As of today, its activities have been suspended. But many of its members continue to carry out hacks under different names, including as part of Lapsus$.

The most striking thing is that neither Meta nor Apple would be the only companies affected by these attacks. In addition to them, companies like Snap, the owner of Snapchat, also received such requests. Another that did provide data was Discord, which provided information in response to one of these requests.

Bhasker Das
Bhasker Das
Bhasker Das, with a master's in Cybersecurity, is a seasoned editor focusing on online security, privacy, and protection. When not decrypting the complexities of the cyber world, Anu indulges in his passion for chess, seeing parallels in strategy and foresight.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More from this stream