According to a Bloomberg article, Apple and Meta turned up user data to hackers who imitated emergency data request requests routinely made by law authorities. Both organizations fell for the fraudulent requests in mid-2021, and provided information regarding consumers' IP addresses, phone numbers, and home locations.

According to a recent analysis from Krebs on Security, fake emergency data demands are growing more regular. Hackers must first obtain access to a police department's email systems in order to launch an attack. The hackers can then impersonate a law enforcement authority and create an emergency data request that highlights the possible threat of not receiving the sought data immediately. According to Krebs, some hackers are offering access to government emails on the dark web, expressly for the purpose of impersonating emergency data requests on social media sites.

In the course of criminal investigations, law enforcement officials frequently seek data from social media sites, allowing them to learn more about the owner of a certain online account. Emergency data requests, on the other hand, do not require a subpoena or search warrant issued by a court and are designed for cases involving life-threatening conditions.


According to Krebs, the bulk of criminal actors that carry out these bogus requests are teens, and cybersecurity analysts suspect the young mastermind behind the Lapsus$ hacking gang might be participating in this sort of fraud. Since then, seven teenagers have been detained in connection with the gang.

Last year's run of attacks, on the other hand, might have been carried out by members of the Recursion Team cybercriminal gang. Despite the fact that the organization has disintegrated, several members have joined Lapsus$ under new names. Beginning in January 2021, hackers gained access to the accounts of law enforcement agencies in numerous countries and targeted a number of organizations, according to officials engaged in the probe.