Hackers Are Selling Hacked Police Emails to Try to Grab Personal Data From TikTok, Facebook
If you are a high-profile target, or is worth the trouble of your adversaries, here’s another way your personal data can leak.
Summary
- Hackers are selling hacked police emails on the open market.
- These emails can be used to make fraudulent Emergency Data Requests (EDRs) to social media companies like TikTok, Discord, Snapchat, Facebook, and Instagram
- EDRs are a way for law enforcement to quickly obtain user data in high-stakes situations.
- Hackers can use compromised police emails to pose as law enforcement officers and trick social media companies into handing over user data.
- This data can then be used for criminal purposes, such as harassment, extortion, or physical violence.
- Social media companies are aware of the problem and are taking steps to protect themselves, but it is an ongoing challenge.
Additional details
- The hacker who emailed the journalist claimed to have access to an FBI email account.
- Other hackers are selling emails belonging to the governments of Thailand, the UK, Germany, Bangladesh, and Nepal.
- One Telegram group where government emails are being advertised is focused on physical violence against targets.
- Social media, including Meta, Tiktok, and Discord, may have measures in place to block fraudulent EDRs.
- However, it is still possible for hackers to get through these measures, as evidenced by the cases of Apple and Meta giving up user data in response to fraudulent EDRs.
Add comment