The FBI has issued a warning about hackers who are accessing private user information—such as emails and phone numbers—by exploiting compromised government and police email addresses to submit fraudulent “emergency” data requests to U.S.-based tech companies.
This week’s public notice from the FBI marks a rare acknowledgment by federal authorities of the threat posed by these fraudulent emergency data requests. Such requests are typically intended to help law enforcement and government officials obtain data from companies to address urgent threats to life or property. However, these processes have been exploited by criminals in recent years, and the FBI has now reported an increase in these activities, particularly around August, driven by cybercriminals who advertise access to, or carry out, fraudulent emergency data requests online.
The FBI's advisory states that cybercriminals are likely leveraging compromised U.S. and foreign government email addresses to pose as law enforcement, submitting fake emergency data requests to U.S. companies. This exposes users’ private information, such as emails, phone numbers, and other sensitive data, which can then be exploited for criminal activities like harassment, doxing, and financial fraud.
Typically, law enforcement in the U.S. requires legal authorization—either through court orders or subpoenas—to access private data stored by companies. Emergency data requests, however, allow for urgent access when an immediate risk exists and there is no time to obtain a court order. It is these emergency requests that criminals are now exploiting.
The FBI reported seeing cybercriminals publicly claiming access to law enforcement email accounts used by U.S. police and some foreign governments, and using this access to send companies fraudulent subpoenas and legal demands seeking user data. These fraudulent requests often cited false threats, such as claims of human trafficking or threats to a person’s safety, to create urgency and pressure companies into disclosing private user information.
The FBI warned that while not all fraudulent attempts are successful, many have resulted in companies providing sensitive user data such as usernames, emails, phone numbers, and other personal information.
The issue has been previously reported, notably in a 2022 Bloomberg report that revealed hackers targeting companies like Apple, Meta, Snap, and Discord through fraudulent emergency data requests. These companies handle vast amounts of user information and receive tens of thousands of such requests annually.
The FBI urged law enforcement and private companies to enhance their cybersecurity practices, recommending the use of strong passwords, multi-factor authentication, and critical thinking when evaluating any emergency data request. It emphasized that cybercriminals are increasingly exploiting urgent situations.