Reuters reports that U.S. location tracking company Gravy Analytics was claimed to have been compromised by a Russian-speaking threat actor in an attack that purportedly resulted in a massive data breach.
Additional details regarding the incident, which was initially reported by independent tech news outlet 404media, remain uncertain but cybersecurity researchers John Hammond of Huntress and Marley Smith of RedSense have confirmed the veracity of the nearly 1.4 GB of data exposed by the threat actor on the XSS website. Such a development comes after Gravy Analytics and fellow data broker Mobilewalla were prohibited by the Federal Trade Commission from collecting location data after allegedly engaging in such activity without user consent, which could facilitate espionage, blackmail, and other illicit activities. "The multi-billion-dollar industry built around targeted advertising may presently leave Americans' sensitive data extraordinarily exposed," said FTC Chair Lina Khan.
