According to as yet unconfirmed allegations, Apple and Facebook voluntarily handed over a certain amount of personal data of their users to a hacker group whose members falsely presented themselves as police officials.
Hello, we are the police, if you could give us some user information…
In a world where megacorporations openly cooperate with state authorities around the world, where information about users has a blanket, little can really surprise. However, something like this is astonishing.
And how did all this happen?
Simpler than anyone would think. The hacker group misrepresented itself and requested user data in an emergency procedure, a protocol used in crisis situations. This data included phone numbers, IP addresses, as well as physical addresses, all of which the hackers obtained without having to show a data search warrant.
According to the standard procedure, companies have to wait for a court order in order to be able to give user data to police representatives in order to discover the perpetrator of a certain crime. However, the same court order is not needed in crisis situations when the process is carried out in an urgent procedure, so the hackers used that part of the law very wisely and provided themselves with user data.
All this happened in the middle of 2021 when the hacker group Recursion Team successfully performed this maneuver over two very powerful megacorporations. According to Bloomberg, the company Snapchat received the same request, but it is not yet known whether they gave the data to hackers.
For now, nothing is known about the members of this hacker group. It is suspected that they are minors from the United States of America and that one person became the leader of the currently popular hacker group LAPSUS$.
What we do know is that hackers managed to defraud Apple and Facebook by combining fictitious police representatives and forged signatures on documents. As we have already said, it is still unknown what happened to that data or what will happen to that data.