Apple Allegedly Provided User Data to Hackers That Forged Legal Requests

by

Apple apparently provided some user data to a hacker group that forged legal requests for the information in a 2021 social engineering scam, reports Bloomberg, citing three sources with knowledge of what happened.

apple logo plain
The hackers masqueraded as law enforcement officials and were able to convince Apple's staff to provide them with data that included customer addresses, phone numbers, and IP addresses after sending forged "emergency data requests."

Typically, Apple provides this information with a search warrant or subpoena from a judge, but that does not apply with emergency requests because they are used in cases of imminent danger. Apple did not confirm that data had been shared, and directed Bloomberg to its law enforcement guidelines when asked for comment.

In response to a request for comment, an Apple representative referred Bloomberg News to a section of its law enforcement guidelines.

The guidelines referenced by Apple say that a supervisor for the government or law enforcement agent who submitted the request "may be contacted and asked to confirm to Apple that the emergency request was legitimate," the Apple guideline states.

Facebook parent company Meta also provided data to the same hacker group, and in a statement, Meta said that it is working with law enforcement on the suspected fraudulent requests. Information obtained from Apple, Facebook, and others has been used in harassment campaigns and could be used in financial fraud schemes.

The requests were sent from hacked email domains belonging to law enforcement officials from multiple countries, and were crafted to look legitimate with forged signatures of real or fictional law enforcement officers.

According to Bloomberg, a cybercrime group known as "Recursion Team" is linked to some of the forged legal requests that were sent to various companies in 2021. Some of the hackers are believed to be minors located in the United States and United Kingdom, and at least one of the minors involved has also participated in the Lapsus$ group that attacked Microsoft, Samsung, and Nvidia.

As The Verge pointed out earlier today, Lapsus$ shared a post on Telegram claiming to have stolen 70GB of data from international software developer Globant, and screenshots of the data captured show a folder called "apple-health-app." What's in that folder and whether it contains data obtained from Apple is unclear.

Tag: Hack

Popular Stories

iPhone 17 Pro Dark Blue and Orange

iPhone 17 Release Date, Pre-Orders, and What to Expect

Thursday August 28, 2025 4:08 am PDT by
An iPhone 17 announcement is a dead cert for September 2025 – Apple has already sent out invites for an "Awe dropping" event on Tuesday, September 9 at the Apple Park campus in Cupertino, California. The timing follows Apple's trend of introducing new iPhone models annually in the fall. At the event, Apple is expected to unveil its new-generation iPhone 17, an all-new ultra-thin iPhone 17...
Read Full Article55 comments
crossbody strap

iPhone 17's 'Crossbody Strap' Accessory to Feature Magnetic Design

Thursday August 28, 2025 7:49 am PDT by
Apple's cases for the iPhone 17 lineup will be accompanied by a new Crossbody Strap accessory with a unique magnetic design, according to the leaker known as "Majin Bu." Apple's Crossbody Strap reportedly features an unusual magnetic design; it likely has a "flexible metal core" that makes it magnetic along its entire length. At the ends, "rings polarized oppositely to the strap close the...
Read Full Article109 comments
xiaomi apple ad india

Apple and Samsung Push Back Against Xiaomi's Bold India Ads

Friday August 29, 2025 4:54 am PDT by
Apple and Samsung have reportedly issued cease-and-desist notices to Xiaomi in India for an ad campaign that directly compares the rivals' devices to Xiaomi's products. The two companies have threatened the Chinese vendor with legal action, calling the ads "disparaging." Ads have appeared in local print media and on social media that take pot shots at the competitors' premium offerings. One...
Read Full Article195 comments
Awe Dropping Apple Event Feature

Five Things to Expect From Apple's 'Awe Dropping' September 9 Event

Tuesday August 26, 2025 4:17 pm PDT by
Apple today announced its "Awe Dropping" iPhone-centric event, which is set to take place on Tuesday, September 9 at 10:00 a.m. Pacific Time. There are a long list of products that are coming, but we thought we'd pull out five feature highlights to look forward to. That Super Thin iPhone - Apple's September 9 event will see the unveiling of the first redesigned iPhone we've had in years, ...
Read Full Article112 comments

Top Rated Comments

blazerunner Avatar
blazerunner
45 months ago
No! Not Apple! Not this fine upstanding company with a squeaky clean record!
Score: 24 Votes (Like | Disagree)
Pro_the_legend Avatar
Pro_the_legend
45 months ago
And they want people to trust them with things like CSAM… lol
Score: 22 Votes (Like | Disagree)
gaximus Avatar
gaximus
45 months ago

Unfortunate but human being aren't infallible.
Which is exactly why a backdoor will always fail. The only way to have true privacy, is if Apple encrypted the data from themselves too, meaning that they can't give the information, if they don't know who they have information on.
Score: 17 Votes (Like | Disagree)
IllinoisCorn Avatar
IllinoisCorn
45 months ago
I am SUPER excited for the sweaty video Rene Ritchie will make defending Apple. Grade A propaganda. He's probably on the phone with Apple PR people as I type this....
Score: 16 Votes (Like | Disagree)
boast Avatar
boast
45 months ago
Can't wait for the law enforcement backdoors on the iPhones so hackers can take even better advantage instead of just iCloud data for now.
Score: 13 Votes (Like | Disagree)
BootsWalking Avatar
BootsWalking
45 months ago
Hopefully the final nail in the coffin for Apple thinking anyone will trust their competence and execution for the proposed CSAM child pornography reporting tool.
Score: 10 Votes (Like | Disagree)
Read All Comments