Hackers claim massive breach of company that tracks and sells Americans’ location data

In the realm of data privacy, the focus is often on tech giants like Google and Facebook, who use personal data to target ads and recommendations. However, there is a lesser-known group of businesses whose entire existence revolves around collecting and selling your data to other companies and even governments. These data brokers operate in murky legal waters, with user consent buried in complex terms and conditions.

What is even more alarming is the lax security protocols these data brokers have in place to protect the data they gather. Last year, National Public Data made headlines for failing to secure 2.7 billion records of individuals whose data they had harvested. Now, reports have emerged that hackers have breached Gravy Analytics, the parent company of Venntel, which has been selling smartphone location data to the U.S. government.

The breach at Gravy Analytics is significant, with hackers claiming to have gained access to sensitive location data that tracks precise smartphone movements, customer information, and even internal infrastructure. The stolen data includes latitude and longitude coordinates, timestamps, and even country information. The hackers have allegedly had access to Gravy’s systems since 2018, indicating a serious security flaw on the company’s part.

The compromised customer list reportedly includes major companies like Uber, Apple, and Equifax, as well as government contractors like Babel Street. This breach raises serious concerns about the security of location data and the potential risks it poses to individuals. The data could end up on black markets, making vulnerable individuals targets for harassment or worse.

The Federal Trade Commission (FTC) has recently cracked down on Gravy Analytics, proposing an order that would restrict these companies from selling or using location data except in specific cases like national security or law enforcement. The implications of this breach are troubling, as sensitive locations could become easy targets for malicious actors.

In light of this breach and the broader issue of data privacy, here are five actionable tips to safeguard your information:
1) Limit app permissions to only necessary access.
2) Use a VPN to encrypt your internet activity.
3) Opt out of data sharing where possible.
4) Avoid free apps that monetize data.
5) Invest in data removal services to regain control over your personal information.

Companies that collect and sell user data must be held accountable for failing to protect this data. Stronger penalties are needed to deter negligence and protect individual privacy rights. It is crucial to prioritize privacy and implement stringent measures to safeguard personal data in the digital age.