Criminals have apparently gained access to user data from popular services by exploiting weaknesses in how requests from the authorities are processed. With fraudulent access to the e-mail systems of law enforcement agencies, hackers were able to make so-called emergency requests to large platform operators and specifically request user data, Krebs on Security reported. Unlike normal requests for information from authorities, emergency requests are usually dealt with directly and do not require a court order.
Basic user data transmitted
Both Apple and Facebook and Instagram parent Meta released user data to hackers in response to bogus emergency requests in mid-2021, the financial news agency Bloomberg reported, citing informed persons. “Basic details” about users such as address, telephone number and IP address were transmitted. The communication platform Discord confirmed to Bloomberg that it had also handed over data. The source of the request was classified as legitimate during the review, Discord emphasized; only later was it recognized that it had been “compromised by a malicious actor”. The Snapchat operator Snap has also received corresponding inquiries, but it remains unclear whether data was also disclosed there.
Teenagers attributed to the hacker group Lapsus$ reportedly promoted this ability to request targeted user data on forums, charging around $100 to $250 each, writes Krebs on Security. This would allow user data to be requested from practically any service from which law enforcement officers can also obtain it, the report said.
Apple: Data release for 93 percent of emergency requests
In a statement to US media, Apple referred to its guidelines for handling requests from authorities. “If such an emergency request for information about Customer Data is made by a government or law enforcement agency, the supervisor of the investigating officer who submitted the emergency request may be contacted to confirm to Apple that the emergency request is valid,” the group explains there.
According to its most recently published transparency report, Apple received a total of 1,162 such “emergency requests” in the second half of 2020 and released data in 93 percent of cases. In addition to basic information, “in certain cases” this can also include sensitive iCloud data such as iPhone backups, photos and contacts, as the group explains. Criminal prosecutors – or theoretically hackers as well – can also gain access to users’ iMessage communication via the iPhone backups.