Apple and Meta share user data with hackers

According to a media report, Apple and Meta companies have passed user data to hackers who had been posing as law enforcement agencies. The Lapsus$ group may be involved.

Apple and Facebook’s Meta group are said to have passed user data to hackers, reports the American magazine “Bloomberg”. Thus, the attackers compromised law enforcement email addresses and thus made fake emergency requests to businesses. The published data is said to have been IP addresses, phone numbers and home addresses of users.

The cases that have now become known come from the middle of last year and, according to security researcher Brian Krebs, are assigned to the Recursion Team hacker group. That describes cancer. on his blog “Cancer on Security”. The group has since disbanded. But some members have found work in the well-known Lapsus$ hacker collective.

Consultations were held for several months.

It is not known how much data the hackers stole. The researchers told Bloomberg that the attackers “accessed the accounts of law enforcement agencies in multiple countries and contacted many companies over several months beginning in January 2021.”

Law enforcement authorities may request data from social network users during investigations to obtain information about the owner of a profile. These requests generally require a subpoena or search warrant. In the case of emergency requests, companies can transmit the data without such court letters.

Hackers sell email credentials on the Internet

According to Brian Krebs, there is an increasing number of fake emergency requests that require hackers to gain access to a law enforcement agency’s email systems. According to him, hackers sell government email accounts on the Internet.

According to “Bloomberg”, Meta and Apple are not the only companies affected by false emergency requests. Consequently, Snapchat’s company, Snap, was also contacted with a bogus request. However, it is not known if the company has published user data.