Tech giants were reportedly fooled into giving up data that was used to sexually extort minors, a new Bloomberg report claims. Four federal law enforcement officials and two industry investigators told Bloomberg that major tech companies were duped by fraudulent legal requests to give up sensitive information about customers.
This data has reportedly been used to harass and even "sexually extort minors." Companies that seem to have been duped by fake requests include Facebook's parent company Meta, Apple, Google, Snap, Twitter, and Discord.
According to the sources, this illegally obtained data was used to target specific women and minors. In fact, in some cases, the victims were subdued into sharing sexual material. If they refused, they were threatened with retaliation, six people told Bloomberg. This tactic is being used by criminals to not only make financial gains from victims but also to harass them.
The scariest part is perhaps that these attackers were successfully able to impersonate law enforcement officers, leaving victims with no protection. According to people close to the matter, the best way to evade this extortion is by not using the service altogether.
All requests appear to be coming from real police agencies, and tech companies are currently assessing the depth of this problem. One thing is clear though, that tech companies may have been handing out sensitive information about users to criminals and putting their customers at high risk.
Also read:?Apple & Meta Gave Sensitive User Data To Hackers Posing As Officials, Report Says
This method to extort and harass users has gained momentum in the recent months. At the core of this issue is the fact that emergency requests do not require a court order signed off by a judge. This means that companies aren't obligated to divulge any information, but they end up doing so in "good faith."
Just last month, a different report highlighted how Apple and Meta provided customer data to hackers who were posing as law enforcement officials.
It seems that attackers compromise the email system of a foreign law enforcement agency. Once that is done, they send out an "emergency data request" to a tech giant like Meta and Apple.
Such data is usually obtained by police agencies in cases where imminent danger is possible. These include suicide, murder, and abductions. Tech companies, in response, provide the attacker with basic information about the user. This information usually includes the name, IP address, email address, and physical address.
Also read:?Apple's New Child Safety Feature Will Scan iPhone Messages For Nude Images
Such data in the wrong hands may used to harass and extort users.
What do you think - should tech companies do more verification checks before handing out personal user information? Let us know in the comments below.?For more in the world of?technology?and?science, keep reading?Indiatimes.com.?
References
Bloomberg (April, 2022).?Tech Giants Duped Into Giving Up Data Used to Sexually Extort Minors.