Hackers got users' addresses, phone numbers from Facebook owner Meta with fake request | Tech News

Hackers got users' addresses, phone numbers from Facebook owner Meta with fake request

Imposters were able to get details like physical addresses or phone numbers in response to falsified "emergency data requests".

By:AFP
| Updated on: Aug 22 2022, 11:08 IST
Meta
Meta, in a statement, said the firm reviews every data request for "legal sufficiency" and uses "advanced systems and processes" to validate law enforcement requests and detect abuse. (Dado Ruvic/REUTERS)

Facebook owner Meta gave user information to hackers who pretended to be law enforcement officials last year, a company source said Wednesday, highlighting the risks of a measure used in urgent cases.

Imposters were able to get details like physical addresses or phone numbers in response to falsified "emergency data requests," which can slip past privacy barriers, said the source who requested anonymity due to the sensitivity of the matter.

You may be interested in

MobilesTablets Laptops
7% OFF
Apple iPhone 15 Pro Max
  • Black Titanium
  • 8 GB RAM
  • 256 GB Storage
Google Pixel 8 Pro
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
34% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage

Criminal hackers have been compromising email accounts or websites tied to police or government and claiming they can't wait for a judge's order for information because it's an "urgent matter of life and death," cyber expert Brian Krebs wrote Tuesday.

Also read
Looking for a smartphone? To check mobile finder click here.

Bloomberg news agency, which originally reported Meta being targeted, also reported that Apple had provided customer data in response to forged data requests.

Apple and Meta did not officially confirm the incidents, but provided statements citing their policies in handling information demands.

When US law enforcement officials want data on a social media account's owner or an associated cell phone number, they must submit an official court-ordered warrant or subpoena, Krebs wrote.

But in urgent cases authorities can make an "emergency data request," which "largely bypasses any official review and does not require the requestor to supply any court-approved documents," he added.

Meta, in a statement, said the firm reviews every data request for "legal sufficiency" and uses "advanced systems and processes" to validate law enforcement requests and detect abuse.

"We block known compromised accounts from making requests and work with law enforcement to respond to incidents involving suspected fraudulent requests, as we have done in this case," the statement added.

Apple noted its guidelines, which say that in the case of an emergency application "a supervisor for the government or law enforcement agent who submitted the... request may be contacted and asked to confirm to Apple that the emergency request was legitimate."

Krebs noted that the lack of a unitary, national system for these type of requests is one of the key problems associated with them, as companies end up deciding how to deal with them.

"To make matters more complicated, there are tens of thousands of police jurisdictions around the world - including roughly 18,000 in the United States alone - and all it takes for hackers to succeed is illicit access to a single police email account," he wrote.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 01 Apr, 09:18 IST
Tags:
NEXT ARTICLE BEGINS