Apple allegedly provided user data to hackers who falsified legal claims

Apple reportedly provided various user data to a group of hackers who were able to forge legal claims.

user data, Apple hackers

As Bloomberg reports, the story dates back to 2021 and is based on a social engineering scam. The hackers posed as law enforcement officials and managed to persuade Apple personnel to provide them with data including customer addresses, phone numbers and IP addresses after sending “emergency requests for forged data”.

Typically, Apple provides this information with a search warrant or subpoena from a judge, but this does not apply to emergency requests as they are used in cases of imminent danger. Apple did not confirm that the data was actually shared and directed Bloomberg to its dedicated law enforcement guidelines when asked for comment.

The guidelines referenced by Apple state that a government supervisor or law enforcement officer making the request “may be contacted to confirm to Apple that the emergency request is legitimate”.

Meta also allegedly provided user data after the hackers made false requests, with the company announcing that it had started working with the police over alleged fraudulent requests. Information obtained from Apple, Facebook and other companies would be used in financial scam campaigns and schemes.

The emails were sent from hacked email domains belonging to law enforcement officials from several countries, to make the request more realistic. The signatures were also forged. According to Bloomberg, the group of cybercriminals known as ” Recursion Team is linked to many of these requests made in the US and UK.

Moreover, the group of hackers Slip$ shared a message on Telegram claiming to have stolen 70 GB of data from international software developer Globant and screenshots of the captured data show a folder called “apple-health-app”. The contents of this folder and whether it contains data obtained by Apple is still unclear.

Leave a Comment