The FBI warns that cybercriminals are sending fake police data requests to large tech companies to steal individuals' private information.
The warning represents an unusual acknowledgment by the FBI regarding the danger posed by false emergency data requests submitted by hackers who have access to police email accounts.
The FBI has issued a warning about an increase in cases of hackers obtaining users' personal information, such as emails and phone numbers, from tech companies in the U.S. These attacks are carried out by hacking the email accounts of government agencies and police and using them to submit "emergency" data requests. This public notice is one of the few occasions on which the federal government has acknowledged the threat posed by these fraudulent requests, which abuse a legal mechanism designed for authorities to respond to situations of immediate risk to life or property.
The exploitation of emergency data requests is not a recent phenomenon; it has been widely documented in recent years. However, the FBI indicated that it has seen an "increase" since August in online criminal postings in which access was offered or these fraudulent requests were made, which is why it decided to issue a public notice to raise awareness of the problem. According to the FBI, "cybercriminals are exploiting compromised email addresses from government entities, both in the U.S. and abroad, to make fraudulent emergency data requests to U.S. companies, exposing personal information of customers for criminal purposes."
Law enforcement in the U.S. generally requires legal justification to gain access to private data stored by companies. Typically, they need to present evidence of a potential crime before a judge issues a search warrant that authorizes the request for such private content. They may also issue subpoenas, which do not require judicial intervention, to collect basic user information, such as usernames, email addresses, and phone numbers. In situations of immediate risk, emergency requests can be made, a process that allows authorities to urgently request information.
The FBI has detected postings by cybercriminals throughout 2023 and 2024, in which they claimed to have access to emails from local law enforcement agencies and foreign governments. This access has been used to send fraudulent subpoenas and other legal demands to companies in the U.S. seeking users' private data stored in their systems. Hackers have managed to impersonate law enforcement authorities by using compromised accounts, sending emails to companies with user data requests. In some cases, the requests cited false threats, alleging situations such as human trafficking.
The FBI stated that, although these attempts at fraudulent requests do not always succeed, the information requested is often used for harassment, doxing, and financial fraud schemes. Previous reports detailed that hackers had obtained user data from major companies like Apple and Meta through these fraudulent requests. Additionally, it was noted that in 2021, groups primarily composed of young individuals had carried out these practices, notably the Recursion Team and Lapsus$ groups.
Finally, the FBI urged security organizations to improve their cybersecurity to prevent intrusions by implementing stronger passwords and two-factor authentication. It also warned companies about the importance of applying critical thinking to any emergency data request they receive, reminding them that cybercriminals understand the urgency of such situations.