Security News > 2022 > April > Crooks use fake emergency data requests to get personal info out of Big Tech – report

Cybercriminals have used fake emergency data requests to steal sensitive customer data from service providers and social media firms.

As infosec journalist Brian Krebs first reported, some miscreants are using stolen police email accounts to send fake EDR requests to companies to obtain netizens' info.

Large internet and other service providers have entire departments that review these requests and do what they can to get the police emergency data requested as quickly as possible, Mark Rasch, a former prosecutor with the US Department of Justice, told Krebs.

Shutterfly disclosed cybercriminals stole employees data during a December 2021 ransomware attack.

According to an analysis by threat intelligence firm Recorded Future of ransomware enforcement operations in 2020 and 2021, law enforcement agencies around the globe aren't equipped to respond to ransomware outbreaks.

While the Europol report doesn't provide any numbers to illustrate how under-reported ransomware is, it noted "Several law enforcement authorities mentioned identifying ransomware cases through media and approaching victims to assist them by potentially starting a criminal investigation."

News URL

https://go.theregister.com/feed/www.theregister.com/2022/04/02/in_brief_security/