Security News Tracking Firm LocationSmart Leaked Location Data for Customers of All Major U.S. Mobile Carriers Without Consent in Real Time Via Its Web Site

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Content source
https://krebsonsecurity.com/2018/05/tracking-firm-locationsmart-leaked-location-data-for-customers-of-all-major-u-s-mobile-carriers-in-real-time-via-its-web-site/
LocationSmart, a U.S. based company that acts as an aggregator of real-time data about the precise location of mobile phone devices, has been leaking this information to anyone via a buggy component of its Web site — without the need for any password or other form of authentication or authorization — KrebsOnSecurity has learned. The company took the vulnerable service offline early this afternoon after being contacted by KrebsOnSecurity, which verified that it could be used to reveal the location of any AT&T, Sprint, T-Mobile or Verizon phone in the United States to an accuracy of within a few hundred yards.
Click to expand...
 
  • Like
Reactions: Daviworld, Weebarra, upnorth and 1 other person
upnorth

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
Wow that's a serious issue. Hope it get's patched fast but also makes me wonder how long this crap was going on and also how possibly sad security other similar companies have.
On May 10, The New York Times broke the news that a different cell phone location tracking company called Securus Technologies had been selling or giving away location data on customers of virtually any major mobile network provider to a sheriff’s office in Mississippi County, Mo.

On May 15, ZDnet.com ran a piece saying that Securus was getting its data through an intermediary — Carlsbad, CA-based LocationSmart.

Wednesday afternoon Motherboard published another bombshell: A hacker had broken into the servers of Securus and stolen 2,800 usernames, email addresses, phone numbers and hashed passwords of authorized Securus users. Most of the stolen credentials reportedly belonged to law enforcement officers across the country — stretching from 2011 up to this year.
Click to expand...
:oops:
 
  • Like
Reactions: Daviworld, Weebarra and LASER_oneXM
F

ForgottenSeer 58943

Anyone else about done with a lot of this technology?

I tossed most of my IoT in the trash. I have only 2 pieces left, and both are well controlled. My cameras can't talk out the wan, and are all on vlans. My Smart TV's have all been made 'dumb'.

My smart phones are becoming more and more dumb phones by the week. Next step I am rooting my Galaxy Phone and wiping all of the Samsung hidden crap and internal bloat off of it.

If they keep this up, more and more people will start to go dark on intelligence/telemetry, then they'll panic.
 
  • Like
Reactions: Daviworld, Weebarra, upnorth and 1 other person
You must log in or register to reply here.

Similar threads

LASER_oneXM
    • Like
Privacy News Mobile Giants: Please Don’t Share the Where
Replies
0
Views
1,139
News Archive
LASER_oneXM
LASER_oneXM
LDogg
    • Like
Security News Flaws in Pre-Installed Apps Expose Millions of Android Devices to Hackers
Replies
1
Views
1,283
News Archive
SumTingWong
SumTingWong
Rengar
    • Like
Legal Govt Tracking Of Mobile Phones For Data Mining
Replies
0
Views
1,594
News Archive
Rengar
Rengar

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top