Apple Allegedly Provided User Data to Hackers That Forged Legal Requests

Apple apparently provided some user data to a hacker group that forged legal requests for the information in a 2021 social engineering scam, reports Bloomberg, citing three sources with knowledge of what happened.

apple logo plain
The hackers masqueraded as law enforcement officials and were able to convince Apple's staff to provide them with data that included customer addresses, phone numbers, and IP addresses after sending forged "emergency data requests."

Typically, Apple provides this information with a search warrant or subpoena from a judge, but that does not apply with emergency requests because they are used in cases of imminent danger. Apple did not confirm that data had been shared, and directed Bloomberg to its law enforcement guidelines when asked for comment.

In response to a request for comment, an Apple representative referred Bloomberg News to a section of its law enforcement guidelines.

The guidelines referenced by Apple say that a supervisor for the government or law enforcement agent who submitted the request "may be contacted and asked to confirm to Apple that the emergency request was legitimate," the Apple guideline states.

Facebook parent company Meta also provided data to the same hacker group, and in a statement, Meta said that it is working with law enforcement on the suspected fraudulent requests. Information obtained from Apple, Facebook, and others has been used in harassment campaigns and could be used in financial fraud schemes.

The requests were sent from hacked email domains belonging to law enforcement officials from multiple countries, and were crafted to look legitimate with forged signatures of real or fictional law enforcement officers.

According to Bloomberg, a cybercrime group known as "Recursion Team" is linked to some of the forged legal requests that were sent to various companies in 2021. Some of the hackers are believed to be minors located in the United States and United Kingdom, and at least one of the minors involved has also participated in the Lapsus$ group that attacked Microsoft, Samsung, and Nvidia.

As The Verge pointed out earlier today, Lapsus$ shared a post on Telegram claiming to have stolen 70GB of data from international software developer Globant, and screenshots of the data captured show a folder called "apple-health-app." What's in that folder and whether it contains data obtained from Apple is unclear.

Tag: Hack

Popular Stories

Apple Glass

Apple Smart Glasses: Everything We Know So Far

Wednesday May 21, 2025 8:21 am PDT by
Google recently made waves by showcasing a set of lightweight smart glasses featuring deep Gemini integration and an optional in-lens display. The demo has reignited interest in Apple's own smart glasses project, which has been the subject of rumors for nearly a decade. Here's a recap of where things stand. Current Development Status Apple is actively working on new chips specifically...
iPhone 17 Air Pastel Feature

iPhone 17 Air Battery Capacity and Weight Allegedly Revealed

Monday May 19, 2025 2:22 am PDT by
Apple is expected to launch an all-new ultra-thin iPhone 17 Air later this year, and while there have been plenty of rumors about the camera's overall design and thinness, we haven't heard any details about the device's weight and battery capacity until now. According to the leaker going by the account name "yeux1122" on the Korean-langauge Naver blog, the 6.6-inch iPhone 17 Air has a weight ...
Apple CarPlay Ultra instrument cluster themes 01

Apple's CarPlay Ultra Is Here – Does Your iPhone Support It?

Thursday May 15, 2025 5:17 am PDT by
Apple's recently announced CarPlay Ultra promises a deeply integrated in-car experience, but not all iPhone users will be able to take advantage of the new feature. According to Apple's press release, CarPlay Ultra requires an iPhone 12 or later running iOS 18.5 or later. This means if you're using an iPhone 11, iPhone XR, or any older model, you'll need to upgrade your device to access...
WWDC 2025 Banner

Apple Announces WWDC 2025 Schedule, Including Keynote Time

Tuesday May 20, 2025 8:13 am PDT by
Apple today announced a more detailed schedule for its annual developers conference WWDC, which runs from June 9 through June 13. The schedule confirms that Apple's keynote will begin on Monday, June 9 at 10 a.m. Pacific Time, with a live stream to be available on Apple.com, in the Apple TV app, and on YouTube. During the keynote, Apple is expected to announce iOS 19, iPadOS 19, macOS 16,...
Apple Glasses Purple Feature

Apple Smart Glasses Launching in 2026

Thursday May 22, 2025 12:22 pm PDT by
Apple is planning to launch a set of smart glasses by the end of 2026, reports Bloomberg. The glasses will be comparable to the Meta Ray-Bans and the Android XR glasses that Google showed off earlier this week. Apple's smart glasses are expected to include cameras, microphones, and AI capabilities, much like the Meta Ray-Bans. The glasses will be able to take photos, record video, provide...
macOS 16 visionOS Inspired Feature 1

macOS 16: Everything We Know So Far

Tuesday May 20, 2025 7:31 am PDT by
The Worldwide Developers Conference (WWDC), Apple's annual developer and software-oriented event, is less than three weeks away. We haven't heard a great deal about macOS 16 ahead of its announcement this year, so we could be in for some major surprises when June 9 rolls around. Here's what we know so far about the next major update to Apple's Mac operating system. macOS 16 Name? Every year ...
maxresdefault

OpenAI Buys Jony Ive's AI Startup to 'Completely Reimagine What It Means to Use a Computer'

Wednesday May 21, 2025 10:27 am PDT by
OpenAI is acquiring io, the hardware-based AI startup co-created by Jony Ive, OpenAI announced today. Ive has been working with OpenAI CEO Sam Altman on io for two years, and the duo expects to develop a family of AI devices. In a video shared by OpenAI, Altman and Ive outlined their partnership and what they expect to create as a result of the merger. "I have a growing sense that everything ...
Apple CarPlay Ultra instrument cluster themes 01

Apple's 'CarPlay Ultra' Experience Now Available

Thursday May 15, 2025 5:07 am PDT by
Apple today announced that its next-generation CarPlay experience, now dubbed "CarPlay Ultra" begins rolling out today, starting with Aston Martin vehicles. Subscribe to the MacRumors YouTube channel for more videos. CarPlay Ultra is now available with new Aston Martin vehicle orders in the U.S. and Canada. It will also be available for existing models that feature the brand's next-generation ...

Top Rated Comments

blazerunner Avatar
41 months ago
No! Not Apple! Not this fine upstanding company with a squeaky clean record!
Score: 24 Votes (Like | Disagree)
Pro_the_legend Avatar
41 months ago
And they want people to trust them with things like CSAM… lol
Score: 22 Votes (Like | Disagree)
gaximus Avatar
41 months ago

Unfortunate but human being aren't infallible.
Which is exactly why a backdoor will always fail. The only way to have true privacy, is if Apple encrypted the data from themselves too, meaning that they can't give the information, if they don't know who they have information on.
Score: 17 Votes (Like | Disagree)
IllinoisCorn Avatar
41 months ago
I am SUPER excited for the sweaty video Rene Ritchie will make defending Apple. Grade A propaganda. He's probably on the phone with Apple PR people as I type this....
Score: 16 Votes (Like | Disagree)
boast Avatar
41 months ago
Can't wait for the law enforcement backdoors on the iPhones so hackers can take even better advantage instead of just iCloud data for now.
Score: 13 Votes (Like | Disagree)
BootsWalking Avatar
41 months ago
Hopefully the final nail in the coffin for Apple thinking anyone will trust their competence and execution for the proposed CSAM child pornography reporting tool.
Score: 10 Votes (Like | Disagree)