Apple and Meta handed over user data last year to hackers who posed as officers and had them fill out fake forms.
Tech giants Apple and Meta provided customer data to hackers posing as law enforcement officials, according to sources familiar with the matter, Bloomberg reports .
By mid-2021, the hackers had requested the information through forged “emergency data requests,” which do not require court approval. The data provided includes addresses , telephone numbers , IP addresses .
Snap also received an “emergency” request from the same hackers, but it’s not known if the company provided any such data.
Social engineering
Apple received 1,162 emergency requests from 29 countries between July and December 2020, of which it delivered 93 percent of the requests. On the other hand, Meta received 21,700 emergency requests between January and June 2021 and delivered 77 percent of the data.
According to people involved in the investigation, the hackers are believed to be a group called the “Recursion Team” and that they are the ones behind the requests throughout 2021.
The Recursion Team no longer exists, but many of its members continue to be in the hacking world, carrying out attacks under different names, including as part of Lapsus$ , the people said.
The stolen data can be used to create harassment campaigns, facilitate financial fraud schemes, or attempt to bypass account credentials.
