Apple, Meta Shared User Data With Hackers Over Fake Emergency Requests: All You Need To Know

Data privacy and protection are the need of the hour, and yet, we keep hearing instances where tech companies themselves share user data without consent. In the latest incident, Apple and Meta have handed over user data to hackers, who requested it with fake emergency data requests. It seems like there's a series of events behind such data sharing and mismanagement.

Apple, Meta Handed Over Data To Hackers

A Bloomberg report explains the slip-up by top companies like Apple and Meta, which happened back in 2021. The handing over of data occurred via a phony request to provide user data like IP addresses, phone numbers, home addresses, and so on. Interestingly, one really can't blame Meta or Apple for this incident.

Most often, law enforcement officials request to use data from social media platforms and other tech giants who have access to it. This is generally for criminal investigations, allowing officers to obtain information about the owner of a specific online account. Generally, these requests require a subpoena or search warrant signed by a judge. But there's also something called Emergency Data Requests.

It looks like the hackers misused the emergency data request, which is often used by officers in life-threatening situations. The events here seemed to have started with hackers gaining access to the police department's email system, after which, they have forged an emergency data request that explains the extreme dangers of not sending the data right away.

Hackers Seem To Be Teenagers

A report from Krebs on Security explains that fake emergency data requests have been on the rise in the US. What's even more interesting is that these hackers seem to be teenagers, the report states. Teen hackers aren't just rising in the US but across the globe. The infamous Lapsus$ hacking group is believed to have a teen hacker as a mastermind.

This brings us to an important question - what can tech companies do in such situations? Of course, companies like Meta and Apple have large security and scrutiny systems in hand to handle such situations. "We review every data request for legal sufficiency and use advanced systems and processes to validate law enforcement requests and detect abuse," Andy Stone, Meta's policy and communications director," said in an emailed statement to The Verge.

On the other hand, Apple's law enforcement guidelines state: "If a government or law enforcement agency seeks customer data in response to an Emergency Government & Law Enforcement Information Request, a supervisor for the government or law enforcement agent who submitted the Emergency Government & Law Enforcement Information Request may be contacted and asked to confirm to Apple that the emergency request was legitimate."

Despite such measures, hackers seem to still find access to data with their dark tricks. From the looks of it, Apple and Meta aren't the only platforms that are being targeted. The same is believed to be happening across many countries, including India.

It seems like the stronger the defenses, the newer the methods that hackers seem to find. India has also been facing several cyber threats. It remains to see how well tech giants cope with the new threat that's looming over user data.