Data Breach Exposes Location Data from Popular Apps
Gravy Analytics, a renowned data broker, faces a significant data breach, compromising the privacy of millions across the globe. The unauthorized release of collected location data via various smartphone applications presents a dire map revealing user activities and movements.
The unknown hacker claims to have stolen terabytes of sensitive consumer data from Gravy Analytics, with the breach’s extent remaining undisclosed. Around tens of millions of location data points connected to popular health, dating and transit apps, along with significant mobile games, are at play.
Breach Discovery and Response
Collateral evidence regarding the breach emerged when the alleged hacker exhibited stolen data on a private Russian cybercrime platform. According to Norwegian broadcasting network NRK, Unacast, Gravy Analytics’ parent firm, dutifully informed Norway’s data protection authorities about the breach.
30+ Million Location Data Points At Risk
The obtained breached sample reveals insights into users’ daily movements, raising concerns about individual privacy and national security. Digital security CEO, Baptiste Robert, claims the record contains over 30 million location data points from significant geo-political and commercial locations, including the Kremlin and The White House.
The accessible data offers an unprecedented tracking capability that could potentially discover individuals’ identities. Notably, data from LGBTQ+ users raises inclusive safety issues in regions with stringent laws against homosexuality.
Location Data From Ad Bidding Processes
Gravy Analytics primarily acquires location data from real-time bidding, determining which advertiser serves their ad to users. However, data brokers can exploit the ‘bidstream’ data, offering a detailed insight into individuals’ daily movements and behavior.
Concerning the unknown origins of Gravy Analytics’ substantial data, substantial quantities of the data derived from the owner’s geolocated IP address.
Steps to Protect Personal Data
According to the Electronic Frontier Foundation, users can take defense measures against ad surveillance. Using an ad-blocker and stifling cross-app tracking can effectively reduce your data footprint and exposure. Additionally, regularly resetting your advertising IDs can reduce any future data vulnerabilities.
Original source: Read the full article on TechCrunch
