Minors and young women, blackmailed or sexually exploited under threat of publication of compromising data obtained directly from Google and Apple

Whether you realize it or not, the truth is that big tech companies, like Google and Apple, know almost everything there is to know about your personal life, including “those” events that you already consider past and forgotten. What if you were contacted by a complete stranger tomorrow to remind you of the party from which you thought you had already deleted all the pictures, asking for various favors to stop sending them to family members and all your acquaintances? Well, that’s exactly what would have happened to a not insignificant number of users of Google, Apple, Snap, Twitter, Meta (Facebook, WhatsApp, Instagram) and Discord, enter the sights of hackers who asked and then got directly from the source all the data collected by the respective technology companies, impersonating representatives of the authorities entitled by law to obtain this information, under the pretext of fictitious investigations targeting alleged illegalities.

Read:  Gorilla Glass Victus 2 promises greater resistance to impact with concrete

Under US law, requests for the transfer of users’ personal data may be sent without a court order, with the representatives of the technology companies determining whether they are justified or not. If the request is accepted, then the data is transferred without any other obligation or consequences for the company. Instead, too many refusals could arouse antipathy from political factors, with undesirable consequences for future business. Thus, the trend has been to accept requests for information without too much hesitation, as long as the approach seemed legitimate.

Predictably, the vulnerability left was soon discovered and exploited by criminal organizations and opportunistic criminals, as a shortcut to obtaining “bundled” all the data about the selected target, without breaking a single password.

Read:  Motorola Moto E32 receives images and preliminary list of specifications

According to reports from Bloomberg, the scheme was based on a simple telephone request, in which the attacker took on the role of a police officer requesting the provision of information to facilitate an alleged investigation. “Technology companies should implement a call confirmation policy, as well as force law enforcement to use dedicated portals where they can better detect account hijacking,” said Alex Stamos, a former Facebook security officer.

Instead, a Facebook representative said the platform analyzes all data requests for “legal sufficiency and uses advanced systems and processes to validate law enforcement claims and detect abuse.”

The Best Online Bookmakers March 28 2024

BetMGM Casino

Bonus

$1,000