A human life goes through various different trends over the course of its duration. Each trend plays an important role in regards to shaping our personality, but some are notably more important than others. If we are to take a fitting example here, we can look at the famous technology trend and the impact it has had since arriving. You see, while continuous progression isn’t quite a foreign concept for human beings, what technology did was still outright unprecedented. This is because no other creation, as ingenious as it might have been, has ever managed to restructure the world’s whole identity. Hence, for technology to do that and then also achieve granular level success puts it way ahead all the other ideas. Now, it is essential that we acknowledge the creation’s positives, but to complete the conversation, you almost have to mention the downside as well. This downside touches upon some notable elements, and among them is the big issue of cybersecurity. The world’s technological prowess and our concerns over digital safety have grown rather in parallel through the years. In fact, with the surface for attack getting bigger every day, we are, right now, more vulnerable than we have ever been, and the same was confirmed by a recent Bloomberg report.
According to Bloomberg, Apple and Meta accidentally gave away user data to the hackers, who led the companies to believe that it was an emergency data request from law enforcement. You see, it’s not unusual for law enforcement agencies to request user data, as sometimes it’s needed to facilitate certain criminal investigations. The said requests always require an official subpoena, except the cases that involve a life-threatening situation in any capacity, thus giving the hackers one huge loophole to exploit. When you look deep into it, you’ll notice how dangerously easy it is to steal sensitive user data this way. According to a separate report from Krebs on Security, the hacker starts off by gaining access to a police department’s email system. With official government emails in their corner, the threat-actor is able to create a fake emergency data request and send it to various data-heavy companies.
Coming back to our latest casualties, the slip-up on Apple and Meta’s part happened around mid-2021. The data they gave away included IP addresses, phone numbers, and home addresses.
“We review every data request for legal sufficiency and use advanced systems and processes to validate law enforcement requests and detect abuse,” said Andy Stone, Meta’s policy and communications director. “We block known compromised accounts from making requests and work with law enforcement to respond to incidents involving suspected fraudulent requests, as we have done in this case.”
Apart from Apple and Meta, we have seen many other big names coming up against a similar type of attack, with companies like Snapchat and Discord also making the list.