Apple Allegedly Provided User Data to Hackers That Forged Legal Requests

Apple apparently provided some user data to a hacker group that forged legal requests for the information in a 2021 social engineering scam, reports Bloomberg, citing three sources with knowledge of what happened.

apple logo plain
The hackers masqueraded as law enforcement officials and were able to convince Apple's staff to provide them with data that included customer addresses, phone numbers, and IP addresses after sending forged "emergency data requests."

Typically, Apple provides this information with a search warrant or subpoena from a judge, but that does not apply with emergency requests because they are used in cases of imminent danger. Apple did not confirm that data had been shared, and directed Bloomberg to its law enforcement guidelines when asked for comment.

In response to a request for comment, an Apple representative referred Bloomberg News to a section of its law enforcement guidelines.

The guidelines referenced by Apple say that a supervisor for the government or law enforcement agent who submitted the request "may be contacted and asked to confirm to Apple that the emergency request was legitimate," the Apple guideline states.

Facebook parent company Meta also provided data to the same hacker group, and in a statement, Meta said that it is working with law enforcement on the suspected fraudulent requests. Information obtained from Apple, Facebook, and others has been used in harassment campaigns and could be used in financial fraud schemes.

The requests were sent from hacked email domains belonging to law enforcement officials from multiple countries, and were crafted to look legitimate with forged signatures of real or fictional law enforcement officers.

According to Bloomberg, a cybercrime group known as "Recursion Team" is linked to some of the forged legal requests that were sent to various companies in 2021. Some of the hackers are believed to be minors located in the United States and United Kingdom, and at least one of the minors involved has also participated in the Lapsus$ group that attacked Microsoft, Samsung, and Nvidia.

As The Verge pointed out earlier today, Lapsus$ shared a post on Telegram claiming to have stolen 70GB of data from international software developer Globant, and screenshots of the data captured show a folder called "apple-health-app." What's in that folder and whether it contains data obtained from Apple is unclear.

Tag: Hack

Top Rated Comments

blazerunner Avatar
8 weeks ago
No! Not Apple! Not this fine upstanding company with a squeaky clean record!
Score: 24 Votes (Like | Disagree)
Pro_the_legend Avatar
8 weeks ago
And they want people to trust them with things like CSAM… lol
Score: 22 Votes (Like | Disagree)
gaximus Avatar
8 weeks ago

Unfortunate but human being aren't infallible.
Which is exactly why a backdoor will always fail. The only way to have true privacy, is if Apple encrypted the data from themselves too, meaning that they can't give the information, if they don't know who they have information on.
Score: 17 Votes (Like | Disagree)
IllinoisCorn Avatar
8 weeks ago
I am SUPER excited for the sweaty video Rene Ritchie will make defending Apple. Grade A propaganda. He's probably on the phone with Apple PR people as I type this....
Score: 16 Votes (Like | Disagree)
boast Avatar
8 weeks ago
Can't wait for the law enforcement backdoors on the iPhones so hackers can take even better advantage instead of just iCloud data for now.
Score: 13 Votes (Like | Disagree)
BootsWalking Avatar
8 weeks ago
Hopefully the final nail in the coffin for Apple thinking anyone will trust their competence and execution for the proposed CSAM child pornography reporting tool.
Score: 10 Votes (Like | Disagree)

Related Stories

google app safety

Google Launches Privacy Labels for Google Play Apps

Tuesday April 26, 2022 9:08 am PDT by
Google today followed in Apple's footsteps and launched a version of privacy labels for its own apps, with the aim of providing Google Play users with more information about the data that the apps they download are collecting. First announced back in May 2021, Google's "Data safety" section will require developers to provide information about how their apps collect, share, and secure user...
apple watch emergency sos call feature

Apple Watch to Eventually Gain Satellite Connectivity Feature for SOS and Emergency Contacts

Tuesday April 12, 2022 6:08 am PDT by
Apple plans to bring satellite connectivity to the Apple Watch in the future, which would allow for emergency texting and SOS response features directly on a wearer's wrist, Bloomberg reports. Before the iPhone 13 launch last fall, a flurry of reports had suggested the 2021 iPhone lineup would feature "LEO," or satellite connectivity. Satellite connectivity would enable the iPhone to send...
European Commisssion

European Commission to Release Draft Law Enforcing Mandatory Detection of Child Sexual Abuse Material on Digital Platforms

Wednesday May 11, 2022 2:21 am PDT by
The European Commission is set to release a draft law this week that could require tech companies like Apple and Google to identify, remove and report to law enforcement illegal images of child abuse on their platforms, claims a new report out today. According to a leak of the proposal obtained by Politico, the EC believes voluntary measures taken by some digital companies have thus far...
apple logo us flag smooth

U.S. Government to Investigate Sideloading and Web App Restrictions on iOS

Friday April 29, 2022 5:40 am PDT by
The National Telecommunications and Information Administration (NTIA) has launched an investigation into competition in mobile app ecosystems. On behalf of the United States Department of Commerce, the NTIA is now requesting comments about competition in mobile app ecosystems. The investigation was triggered by an executive order on Promoting Competition in the American Economy from July...
apple search ads app store

Apple's Internal Data Shows Many iOS 15 Users Turn Off Personalized Ads With Minimal Impact on App Store Search Ads

Wednesday May 11, 2022 9:59 am PDT by
Starting with iOS 15 and iPadOS 15, Apple introduced a new "Personalized Ads" toggle during the setup process that makes it easier for users to turn off personalized ads in Apple apps such as the App Store, Apple News, and Stocks. In a presentation shared with advertisers, obtained by MacRumors, Apple cited internal data showing that, in the first quarter of 2022, 78% of iOS 15 and iPadOS 15 ...
apple maps camera backpack

Apple Maps Launches New Pedestrian Surveys Across the UK to Gather Data and Expand Look Around

Monday March 28, 2022 7:04 am PDT by
Apple has today begun new ground surveys across various regions of the United Kingdom, including London, Manchester, and Birmingham, to gather pedestrian data for Apple Maps (via Bloomberg). Apple will use cameras and sensors mounted on pedestrian backpacks to gather map data in Berkshire, Greater London, Greater Manchester, Staffordshire, and the West Midlands, across over 85 specific towns ...
Whatsapp Feature

WhatsApp to Let Users Leave Group Chats 'Silently' and View Rich Link Previews in Status Updates

Tuesday May 17, 2022 3:07 am PDT by
WhatsApp is working on a new feature that will allow users to "silently" leave group chats hosted by the messaging platform instead of all members of the group being notified when they do. As it stands, when someone leaves a group chat, WhatsApp announces their exit to the entire group, making the act of leaving very public. It's not possible right now to leave a group quietly, but WhatsApp...
iOS 15

Apple Seeds iOS 15.5 and iPadOS 15.5 Release Candidates to Developers and Public Beta Testers

Thursday May 12, 2022 10:04 am PDT by
Apple today seeded the release candidate versions of upcoming iOS 15.5 and iPadOS 15.5 updates to developers and public beta testers for testing purposes, with the new software coming one week following the release of the fourth betas. Developers can download iOS 15.5 and iPadOS 15.5 through the Apple Developer Center or over the air after the proper profile has been installed on an iPhone...

Popular Stories

iPhone 14 Pro Purple Front and Back MacRumors Exclusive

iPhone 14 Pro Renders Highlight Multiple Design Changes

Wednesday May 25, 2022 8:56 am PDT by
Leaker Jon Prosser today shared ostensibly accurate renders of the iPhone 14 Pro, providing the most accurate look yet at what the device could look like when it launches later this year. In the latest video on YouTube channel Front Page Tech, Prosser revealed renders of the iPhone 14 Pro made by Apple concept graphic designer Ian Zelbo, highlighting a range of specific design changes...
iPhone 13 Always On Feature

iPhone 14 Pro Screen Refresh Rate Upgrade Could Allow for Always-On Display

Tuesday May 24, 2022 7:23 am PDT by
Last year's iPhone 13 Pro models were the first of Apple's smartphones to come with 120Hz ProMotion displays, and while the two iPhone 14 Pro models will continue to feature the technology, their screens could well boast expanded refresh rate variability this time round. To bring ProMotion displays to the ‌iPhone 13 Pro models‌, Apple adopted LTPO panel technology with variable refresh...
iPad Pro USB C Feature Coral

Deals: Apple's iPad Pro Reaches Up to $449 Off in Amazon's Latest Sales

Wednesday May 25, 2022 10:09 am PDT by
Amazon is marking down a wide variety of 11-inch and 12.9-inch iPad Pro models this week, with prices starting as low as $749.00 for the 11-inch tablet. You'll find the full list of sales below, all of which can be found on Amazon. Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us keep...
apple account card

Wallet App Now Supports Apple Account Cards on iOS 15.5

Wednesday May 25, 2022 5:01 pm PDT by
Apple appears to have recently updated the Wallet app to allow users to add an Apple Account Card, which displays the Apple credit balance associated with an Apple ID. If you receive an App Store or Apple Store gift card, for example, it is added to an Apple Account that was previously visible in the App Store and Apple Store apps. As of today, the Apple Account balance can also be added to...
Apple Tap to Pay iPhone

Apple Stores Rolling Out iPhone-to-iPhone Contactless Payments Starting Today

Wednesday May 25, 2022 6:54 am PDT by
Apple in February unveiled a new "Tap to Pay on iPhone" feature that will allow compatible iPhones to accept payments via Apple Pay, contactless credit and debit cards, and other digital wallets, with no additional hardware required. Apple began testing the feature at its Apple Park Visitor Center earlier this month, and now Bloomberg's Mark Gurman has tweeted that the feature will begin...
apple wwdc 2022

Apple Shares WWDC 2022 Schedule, Keynote to Take Place June 6 at 10:00 a.m PT

Tuesday May 24, 2022 9:06 am PDT by
Apple today confirmed that the keynote event for the Worldwide Developers Conference will begin at 10:00 a.m. Pacific Time on June 6, the first day of WWDC. The keynote will be an online-only event, though a select number of developers have been invited to the Apple Park campus for a viewing event. In addition to confirming the keynote date and time, Apple has shared the full WWDC 2022...