Data Broker Hack Puts Millions at Risk of Location Exposure
A recent data breach involving Gravy Analytics, a prominent location data broker, has potentially exposed precise location data for millions of users globally. This breach is suspected to involve data from widely used mobile applications, including popular games and apps related to dating and health tracking. The revelation was first covered by TechCrunch and followed up by further reports from media outlets in the tech industry.
Widespread Exposure of Sensitive Locations
According to Baptiste Robert, CEO of Predicta Lab, a digital security firm, a small sample of the data set was shared on a Russian forum, revealing data points for numerous globally significant locations. These included high-security areas such as the White House, the Kremlin, and the Vatican. The exposed sample alone accounted for over 30 million precise locations.
Investigations and Security Measures
In its communication with the Norwegian Data Protection Authority, Gravy Analytics disclosed unauthorized access to its AWS cloud storage detected on January 4th. The company is still conducting an investigation to ascertain the duration of the unauthorized access and whether it qualifies as a reportable personal data breach. “Gravy Analytics is working diligently to determine the scope of the incident and the nature of the information involved,” the company stated, indicating that if personal data is implicated, it most likely pertains to users from third-party services.
Regulatory Scrutiny and Previous Sanctions
Prior to this incident, Gravy Analytics had faced legal scrutiny as one of two data brokers subjected to a proposed order by the Federal Trade Commission (FTC). The order would prevent them from dealing with sensitive location data in their products or services. The FTC had previously criticized Gravy Analytics’ subsidiary, Venntel, for aggregating data from various apps and marketing it to both commercial enterprises and government entities such as the IRS and the FBI.