Scammers Impersonate Police to Steal Private Data From Tech Giants
▼ Summary
– A hacker impersonating a police officer tricked Charter Communications into quickly providing a target’s sensitive personal data via an emergency request.
– The hacker belongs to a group offering “doxing-as-a-service” and claims to have successfully extracted data from nearly every major US tech company.
– The hacker group shared evidence of hundreds of successful fake requests and indicated a current law enforcement officer may be collaborating with them.
– Despite being a known method for years, companies appear unable to effectively close this loophole for verifying emergency data requests.
– The incident highlights how easily obtained personal information can be weaponized for harassment, with the hackers expressing indifference to the consequences.
A disturbing new wave of cybercrime involves hackers impersonating law enforcement to trick major technology companies into surrendering private customer data. These criminals operate a “doxing-as-a-service” model, where they sell highly sensitive personal information obtained through fraudulent legal requests. The scheme exploits a critical vulnerability in how corporations handle emergency data disclosures, putting countless individuals at risk of harassment and intimidation.
In one recent case, a privacy specialist at Charter Communications quickly complied with an email request for a customer’s personal details. The message appeared to come from Officer Jason Corse of the Jacksonville Sheriff’s Office. Within minutes, the company sent the target’s name, home address, phone numbers, and email address. The request, however, was entirely fake. It originated from a hacker known as “Exempt,” a member of a group that provides stolen data to paying clients.
Exempt told reporters that this particular operation took only twenty minutes. He boasts that his group has successfully extracted similar information from nearly every major U.S. tech firm, including giants like Apple and Amazon, as well as platforms like the video-sharing site Rumble. The group shares documents and recordings to back their claims, showing fake subpoenas, company responses, and even a video call with a corporate law enforcement response team.
The Jacksonville Sheriff’s Office confirmed the impersonation is a serious concern. “It is definitely concerning to hear criminals impersonating officers in such a manner, more so when they are claiming to be one of our employees,” stated media relations manager Christian Hancock. The real Officer Corse declined to comment.
Exempt claims to have made up to 500 successful fraudulent requests in recent years. The hackers’ method is alarmingly simple. They send forged emergency data requests or fake legal orders to company compliance teams, who often process them under pressure without thorough verification. Despite years of warnings about this tactic, many corporations appear to have done little to close the security loophole.
Perhaps most alarming is the alleged involvement of a current law enforcement officer. Evidence suggests an officer, whose identity and location were withheld, was in contact with the group about submitting fraudulent requests from an official account in exchange for a share of the profits. This potential insider collaboration highlights the sophisticated and brazen nature of the threat.
The victim in the Charter case, identified only as a gamer from New York, did not respond to requests for comment. When asked if he worried about how the obtained information was used, Exempt callously replied, “I usually do not care.” This indifference underscores the grave danger posed by these services, which weaponize personal data with no regard for the consequences to the targeted individuals.
This ongoing crisis reveals a systemic failure in data protection protocols. As these doxing-for-hire groups continue to operate with impunity, the urgent need for more robust verification processes at every major company holding sensitive user data has never been clearer. The safety and privacy of millions depend on it.
(Source: Wired)
