The news outlet, citing three people familiar with the situation, reported that the tech giants gave the information in the middle of last year to a fraudulent “emergency data request.” These requests generally are accompanied by a search warrant or subpoena, but emergency requests do not need court orders, Bloomberg added.
Snap (SNAP) was also the recipient of a forged request, but it is not clear if the Evan Spiegel-led company complied and responded.
Apple, Snap and Meta Platforms did not immediately respond to a request for comment from Seeking Alpha, but Apple pointed Bloomberg to the law enforcement guidelines posted on its website.
“If a government or law enforcement agency seeks customer data in response to an Emergency Government & Law Enforcement Information Request, a supervisor for the government or law enforcement agent who submitted the Emergency Government & Law Enforcement Information Request may be contacted and asked to confirm to Apple that the emergency request was legitimate,” the guideline states.
It’s unclear who the hackers were, but some cybersecurity researchers have speculated that it could be a group of minors in the U.S. and U.K. and may be one of members of the Lapsus$ group that hacked Nvidia (NVDA), Microsoft (MSFT) and Samsung (OTC:SSNLF) in recent weeks.
Bloomberg added that the information obtained by the hackers was used to carry out harassment campaigns, citing one of the people. The three people also noted that the information could have been used to commit financial fraud.
It’s likely that the requests were sent via hacked email domains that allowed the fraudsters access to law enforcement agencies in multiple countries and created the requests using templates.
Bloomberg also reported that Discord, an instant messaging platform, was also the recipient of a fraudulent legal request and the company told the news outlet it had complied with the request.
On Wednesday, Apple (AAPL) started allowing certain apps, including Netflix (NFLX) and Spotify (SPOT), to allow sign-up links that point outside Apple’s App Store.