Both Apple and Meta were the victims of social engineering scams that caused them to simply giveaway user personal information. I am not going to call this sophisticated – actually it was quite simple – the cyber criminals, studied how an Emergency Data Requests (EDR) operated and then spoofed that process to companies that can afford the best cyber security in world – and won.
Fraudsters use ‘fake emergency data requests’ to steal info • The Register
Hackers Using Fake Police Data Requests against Tech Companies – Schneier on Security
This is where good staff training in social engineering cyber security and policies and procedures that support this training are essential. We have a course and the tools for that:
