Law enforcement send "emergency" requests to tech giants when they believe it's necessary to stop an immediate threat. Hackers are taking advantage of that - The problem, as TechCrunch first reported, is that these requests are often sent to the tech giants through specific email addresses. And of course, persistent hackers are pretty good at breaking into email accounts, especially ones that often aren’t two-factor secured—but even those are penetrable through hacks like SIM swapping
The FBI said in its advisory that it had seen several public posts made by known cybercriminals over 2023 and 2024, claiming access to email addresses used by U.S. law enforcement and some foreign governments
The advisory said that the cybercriminals were successful in masquerading as law enforcement by using compromised police accounts to send emails to companies requesting user data
The FBI’s public notice filed this week is a rare admission from the federal government about the threat from fraudulent emergency data requests
https://www.documentcloud.org/documents/25281365-fbi-ic3-notice-241104
abuse of emergency data requests is not new, and has been widely reported
https://krebsonsecurity.com/2022/03/hackers-gaining-power-of-subpoena-via-fake-emergency-data-requests/
in recent years
https://www.bloomberg.com/news/articles/2022-03-30/apple-meta-gave-user-data-to-hackers-who-forged-legal-requests