According to the latest data, Apple and Meta* leaked information about users of their platforms to attackers posing as American law enforcement officials. In mid-2021, the companies provided the criminals with user addresses, phone numbers, and IP addresses.
According to Bloomberg, although such information is usually handed over only in accordance with a court order, exceptions are possible under emergency rules, and the criminals used these exceptions to have information provided urgently. Snap is known to have received similar requests, but it is not yet known whether it shared data with the scammers. According to some reports, the issue also affected Discord.
According to some cybersecurity experts, the perpetrators of the crimes could be minors from the US and/or the UK. The attackers are believed to be using the real email domains of law enforcement agencies around the world to make fake requests. It is believed that getting information about compromised law enforcement accounts on the dark web is quite easy: paying between $10 and $50 is enough. In addition, after gaining access to police or other agency mailboxes, the attackers could familiarize themselves with the templates used to make requests. According to experts, the situation regarding the sale of “police” mail accounts deteriorated after many law enforcement agencies fell victim to attacks on Microsoft Exchange mail servers, which made it even easier to obtain account data.
Although many IT giants have dedicated portals for submitting requests, it is reported that regular emails from “police” domains are also considered around the clock. According to some experts, many employees take it upon themselves to provide data quickly and in good faith in emergencies. According to a representative of cybersecurity firm Unit 221B, this “flexible” response of employees to requests, without unnecessary bureaucracy, has helped save lives in a number of cases.
The situation is complicated by the fact that companies like Apple and Meta* receive tens of thousands of data disclosure requests from dozens of countries throughout the year, most of which are complied with. In emergencies, when people’s lives and health may be at risk, decisions to hand over data are effectively made without a warrant.
At the same time, each country has its own request system and its own law enforcement mail domains, and altogether there are tens of thousands of organizations conducting investigative activities – from small police stations to state agencies.
* included in the list of public associations and religious organizations for which the court made a final decision to liquidate or ban activities on grounds specified in Federal Law No. 114-FZ of July 25, 2002 “On Combating Extremist Activities”