Apple and headquarters provided basic subscription information, such as customer address, phone number, and IP address, in mid-2021 in response to “emergency requests” from hackers forged by law enforcement services, typically only with a search warrant or summons signed by a judge. However, emergency applications do not require a court order.
Cyber security researchers suspect that some of the hackers who submit the fake requests are minors located in the UK and US. The City of London recently arrested seven people in connection with an investigation by the Lapsus $ burglary group; the investigation continues.
An Apple representative referred Bloomberg to some of the law enforcement guidelines. The guidelines that Apple refers to say that a government inspector or law enforcement agent who filed the application “can be contacted and asked to confirm to Apple that the emergency request is legitimate,” the Apple directive said.
The information obtained by the hackers through the fake legal requests was used to enable harassment campaigns, according to one of the people familiar with the investigation. The three people said it could be used primarily to be used for financial fraud. By knowing the victim’s information, hackers can use it to assist in attempting to circumvent account security.