An unknown hacker is claiming to have pulled off a heist at US location tracking firm Gravy Analytics, according to screenshots of the boast circulating online.
It is not clear exactly how and under what circumstances the breach occurred. A Russian-language post and screenshots uploaded early Sunday to XSS, a site popular with attention-seeking cybercriminals, carried a claim that the company had been hacked and that large amounts of data were stolen.
Reuters could not immediately locate contact details for the party responsible for the posts, whose publication had been reported by tech outlet 404media.
Attempts to contact location intelligence company Unacast, which announced its merger with Gravy in 2023, were unsuccessful. Gravy's website was down Wednesday and repeated messages were not returned. A man who answered the door at Unacast’s small office in an Ashburn, Virginia, coworking space said he was not authorized to speak to the media.
Experts who reviewed about 1.4 gigabytes of leaked data that was posted to the web around the same time as the hacking claim said the information did appear to have been taken from Gravy.
"It passes the smell test 100 percent," said Marley Smith, the principal threat researcher at cyber intelligence company RedSense.
Hacker claims breach of US location tracking company Gravy Analytics
Image: 123RF
An unknown hacker is claiming to have pulled off a heist at US location tracking firm Gravy Analytics, according to screenshots of the boast circulating online.
It is not clear exactly how and under what circumstances the breach occurred. A Russian-language post and screenshots uploaded early Sunday to XSS, a site popular with attention-seeking cybercriminals, carried a claim that the company had been hacked and that large amounts of data were stolen.
Reuters could not immediately locate contact details for the party responsible for the posts, whose publication had been reported by tech outlet 404media.
Attempts to contact location intelligence company Unacast, which announced its merger with Gravy in 2023, were unsuccessful. Gravy's website was down Wednesday and repeated messages were not returned. A man who answered the door at Unacast’s small office in an Ashburn, Virginia, coworking space said he was not authorized to speak to the media.
Experts who reviewed about 1.4 gigabytes of leaked data that was posted to the web around the same time as the hacking claim said the information did appear to have been taken from Gravy.
"It passes the smell test 100 percent," said Marley Smith, the principal threat researcher at cyber intelligence company RedSense.
Hacker uses Telegram chatbots to leak data of top Indian insurer Star Health
John Hammond of cybersecurity firm Huntress came to a similar conclusion.
"It all seems to point to it being legitimate," he said.
Gravy was one of two companies swept up in a recent crackdown by President Joe Biden's administration on brokers who specialise in using cellular data to offer extraordinarily granular information on where individuals are at any given moment.
Such data can be used to tailor online advertising, or deployed for government and corporate surveillance. The Federal Trade Commission has expressed concern it could facilitate stalking, blackmail, and espionage.
In December the FTC announced a settlement with Gravy and a second broker, Mobilewalla, after accusing them both of engaging in deceptive practices by gathering location data without proper consent.
The FTC declined comment on the reported breach. In a statement released last month, FTC chair Lina Khan said "the multibillion-dollar industry built around targeted advertising may presently leave Americans' sensitive data extraordinarily exposed".
READ MORE:
'We have it under control,' says Sassa after hackers claim to use stolen identities for grants
Meta says Iranian group tried to target Trump, Biden officials' WhatsApp accounts
North Korean hackers sent stolen crypto to wallet used by Asian payment firm
Australian agency says China-backed hackers behind cyber crimes
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.
News and promos in your inbox
subscribeMost read
Latest Videos