Hackers send fraudulent police data requests to tech giants to steal people's private information.
The FBI has warned that hackers are obtaining private user information from U.S. tech companies, including email addresses and phone numbers, by infiltrating government and police email addresses and using them to submit "emergency" data requests.
The FBI's announcement this week is a rare acknowledgment by the federal government of the threat posed by fraudulent emergency data requests, a legal procedure designed to assist law enforcement and federal authorities in obtaining information from companies to respond to emergency threats affecting someone's life or property.
Abusing emergency data requests is nothing new and has been widely reported in recent years.
The FBI now warns that it has noticed an "increase" in online criminal posts around the month, promoting access to or conducting fraudulent emergency data requests, and says it is releasing this information publicly to raise awareness.
The FBI warning states: "Cybercriminals may obtain hijacked U.S. and foreign government email addresses and use them to send fraudulent emergency data requests to U.S. companies, thereby exposing customers' personal information for criminal purposes."
Law enforcement agencies in the United States generally require some form of legal basis to seek and obtain access to private data stored by companies on their servers.
Typically, for an individual's private content (such as documents, emails, or messages), the police need to provide sufficient evidence of a crime, after which a U.S. court will issue a search warrant, allowing the police to request this information from private companies.
The police can issue a subpoena (without requiring a court appearance) to request limited information about users from companies, such as basic account information (username, account login name, email address, and phone number), and sometimes their approximate location.
There is also an emergency request procedure that allows law enforcement agencies to urgently request personal information from companies when there is an emergency risk and no time to seek a court order.
Federal authorities stated that some cybercriminals are abusing these emergency requests.
In its report, it stated that during the years and , it discovered that known cybercriminals had posted multiple public messages claiming they could access email addresses used by US law enforcement and some foreign governments.
This access was ultimately used to send fraudulent subpoenas and other legal demands to US companies, seeking private user data stored in their systems.
The report states that cybercriminals successfully impersonated law enforcement officers, using stolen police accounts to send emails to companies demanding user data.
In certain cases, the requests also mentioned false threats, such as allegations of human trafficking, with one instance claiming that an individual would "suffer great pain or death" if the company did not return the requested information.
The FBI stated that hackers exploited access to law enforcement accounts to issue seemingly legitimate subpoenas, compelling companies to hand over usernames, emails, phone numbers, and other private user information. However, the FBI noted that not all fraudulent emergency data requests were successful.
According to a Bloomberg report from the year, cybercriminals frequently utilize requested data for harassment, doxxing, and financial fraud schemes targeting individuals. The report found that hackers had obtained user information from Apple, and the owner of , by submitting fraudulent emergency data requests.
According to reports, the manufacturers of and have also become targets of the attacks.
Apple, Google, and other companies that store large amounts of customers' personal and private data receive tens of thousands of emergency data requests each year.
Bloomberg reported in 2021 that fraudulent emergency data requests had existed since early 2020 and were carried out by groups primarily consisting of teenagers and young adults, such as LAPSUS$, which later hacked some of the world's largest companies, including.
The FBI stated in its advisory report that law enforcement agencies should take steps to enhance their cybersecurity posture to prevent intrusions, including implementing stronger passwords and multi-factor authentication.
The FBI states that private companies "should critically think about any emergency data requests they receive," as cybercriminals "understand the necessity of emergencies."