cyber Breach

Apple

May 3, 2022 1 min read
Apple

The customer data of Apple Inc. and Meta Platforms Inc. was leaked to hackers who impersonates themselves as law enforcement officials in a forged emergency data requests.

The leaked information included the basic subscriber details, such as a customer’s address, phone number and IP address.

The company soon blocked the known compromised accounts from making requests and worked with law enforcement to respond to incidents involving suspected fraudulent requests.

Source: https://ca.finance.yahoo.com/news/apple-meta-gave-user-data-175918825.html

TPRM report: https://scoringcyber.rankiteo.com/company/apple

"id": "app024522",
"linkid": "apple",
"type": "Breach",
"date": "03/2022",
"severity": "80",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Technology',
                        'location': 'Cupertino, CA, USA',
                        'name': 'Apple Inc.',
                        'size': 'Large',
                        'type': 'Corporation'},
                       {'industry': 'Technology',
                        'location': 'Menlo Park, CA, USA',
                        'name': 'Meta Platforms Inc.',
                        'size': 'Large',
                        'type': 'Corporation'}],
 'attack_vector': 'Social Engineering',
 'data_breach': {'data_exfiltration': True,
                 'personally_identifiable_information': ['address',
                                                         'phone number',
                                                         'IP address'],
                 'sensitivity_of_data': 'Medium',
                 'type_of_data_compromised': ['subscriber details']},
 'description': 'The customer data of Apple Inc. and Meta Platforms Inc. was '
                'leaked to hackers who impersonated themselves as law '
                'enforcement officials in forged emergency data requests. The '
                'leaked information included basic subscriber details, such as '
                'a customer’s address, phone number, and IP address. The '
                'companies blocked the known compromised accounts from making '
                'requests and worked with law enforcement to respond to '
                'incidents involving suspected fraudulent requests.',
 'impact': {'data_compromised': ['subscriber details',
                                 'address',
                                 'phone number',
                                 'IP address']},
 'initial_access_broker': {'entry_point': 'Forged emergency data requests'},
 'motivation': 'Data Theft',
 'response': {'containment_measures': ['Blocked known compromised accounts '
                                       'from making requests'],
              'law_enforcement_notified': True},
 'threat_actor': 'Hackers',
 'title': 'Customer Data Leak via Forged Emergency Data Requests',
 'type': 'Data Leak',
 'vulnerability_exploited': 'Impersonation of law enforcement officials'}
Published by
Harshit Kaur Bhatia
Harshit Kaur Bhatia
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.