Level 33
LocationSmart, a U.S. based company that acts as an aggregator of real-time data about the precise location of mobile phone devices, has been leaking this information to anyone via a buggy component of its Web site — without the need for any password or other form of authentication or authorization — KrebsOnSecurity has learned. The company took the vulnerable service offline early this afternoon after being contacted by KrebsOnSecurity, which verified that it could be used to reveal the location of any AT&T, Sprint, T-Mobile or Verizon phone in the United States to an accuracy of within a few hundred yards.


Level 34
Content Creator
Wow that's a serious issue. Hope it get's patched fast but also makes me wonder how long this crap was going on and also how possibly sad security other similar companies have.
On May 10, The New York Times broke the news that a different cell phone location tracking company called Securus Technologies had been selling or giving away location data on customers of virtually any major mobile network provider to a sheriff’s office in Mississippi County, Mo.

On May 15, ran a piece saying that Securus was getting its data through an intermediary — Carlsbad, CA-based LocationSmart.

Wednesday afternoon Motherboard published another bombshell: A hacker had broken into the servers of Securus and stolen 2,800 usernames, email addresses, phone numbers and hashed passwords of authorized Securus users. Most of the stolen credentials reportedly belonged to law enforcement officers across the country — stretching from 2011 up to this year.


Level 42
Anyone else about done with a lot of this technology?

I tossed most of my IoT in the trash. I have only 2 pieces left, and both are well controlled. My cameras can't talk out the wan, and are all on vlans. My Smart TV's have all been made 'dumb'.

My smart phones are becoming more and more dumb phones by the week. Next step I am rooting my Galaxy Phone and wiping all of the Samsung hidden crap and internal bloat off of it.

If they keep this up, more and more people will start to go dark on intelligence/telemetry, then they'll panic.