fbpx
Stylish and compact, these new Canon instant printers make creative pursuits easyRead more Nigerian Law Enforcement agencies open investigations on Hawilti and company executives for criminal breach of trust, cheating, defrauding investors schemeRead more Famine looms in Somalia, but many ‘hunger hotspots’ are in deep troubleRead more Launch of the 3rd Edition of the Choiseul Africa Business Forum, a Must-Attend Event for the Business Community in Africa October 19th & 20th, 2022 in Casablanca, MoroccoRead more World’s Biggest Afrobeats Music Festival Afro Nation Extends Partnership with APO Group until 2025Read more Master Trainer (MT) National Meeting on Sustainable Coffee Practices Organized by The International Islamic Trade Finance Corporation in Collaboration with The Sustainable Coffee Platform of Indonesia (SCOPI)Read more Thai Ambassador met the Thai Community in Dar es Salaam and Zanzibar and visited the Buddhist Temple in TanzaniaRead more Generation Africa awards US$100,000 to two young agripreneurs from Kenya and Uganda in the fourth annual GoGettaz Agripreneur Prize Competition at the African Green Revolution Forum Summit in Kigali, RwandaRead more Medicaid Cancer Foundation and AstraZeneca celebrate Prostate Cancer Awareness month with the launch of Project Icon NigeriaRead more Petroleum Directorate of Sierra Leone to Shape Upstream Dialogue as a Bronze Sponsor at African Energy Week 2022Read more

Hackers got user data from Meta with forged request

show caption
Hackers have used phony law enforcement or government requests to steal user information from Facebook parent Meta./AFP
Print Friendly and PDF

Mar 31, 2022 - 04:19 AM

SAN FRANCISCO — Facebook owner Meta gave user information to hackers who pretended to be law enforcement officials last year, a company source said Wednesday, highlighting the risks of a measure used in urgent cases.

Imposters were able to get details like physical addresses or phone numbers in response to falsified “emergency data requests,” which can slip past privacy barriers, said the source who requested anonymity due to the sensitivity of the matter.

Criminal hackers have been compromising email accounts or websites tied to police or government and claiming they can’t wait for a judge’s order for information because it’s an “urgent matter of life and death,” cyber expert Brian Krebs wrote Tuesday.

Bloomberg news agency, which originally reported Meta being targeted, also reported that Apple had provided customer data in response to forged data requests.

Apple and Meta did not officially confirm the incidents, but provided statements citing their policies in handling information demands.

When US law enforcement officials want data on a social media account’s owner or an associated cell phone number, they must submit an official court-ordered warrant or subpoena, Krebs wrote.

But in urgent cases authorities can make an “emergency data request,” which “largely bypasses any official review and does not require the requestor to supply any court-approved documents,” he added.

Meta, in a statement, said the firm reviews every data request for “legal sufficiency” and uses “advanced systems and processes” to validate law enforcement requests and detect abuse.

“We block known compromised accounts from making requests and work with law enforcement to respond to incidents involving suspected fraudulent requests, as we have done in this case,” the statement added.

Apple noted its guidelines, which say that in the case of an emergency application “a supervisor for the government or law enforcement agent who submitted the… request may be contacted and asked to confirm to Apple that the emergency request was legitimate.”

Krebs noted that the lack of a unitary, national system for these type of requests is one of the key problems associated with them, as companies end up deciding how to deal with them.

“To make matters more complicated, there are tens of thousands of police jurisdictions around the world — including roughly 18,000 in the United States alone — and all it takes for hackers to succeed is illicit access to a single police email account,” he wrote.

LMBCNEWS.COM uses both Facebook and Disqus comment systems to make it easier for you to contribute. We encourage all readers to share their views on our articles and blog posts. All comments should be relevant to the topic. By posting, you agree to our Privacy Policy. We are committed to maintaining a lively but civil forum for discussion, so we ask you to avoid personal attacks, name-calling, foul language or other inappropriate behavior. Please keep your comments relevant and respectful. By leaving the ‘Post to Facebook’ box selected – when using Facebook comment system – your comment will be published to your Facebook profile in addition to the space below. If you encounter a comment that is abusive, click the “X” in the upper right corner of the Facebook comment box to report spam or abuse. You can also email us.