When you purchase through links on our site, we may earn an affiliate commission. This doesn’t affect our editorial independence.
A recent hack and data breach at location data broker Gravy Analytics has compromised the privacy of millions of people worldwide. The breach involves location data collected from various smartphone apps, including fitness, health, dating, transit, and gaming apps.
The full extent of the breach is still unknown, but the hacker has already released a large sample of location data, which includes tens of millions of data points revealing people’s movements, homes, workplaces, and travel patterns.
The breach was first reported by 404 Media, which discovered a post on a Russian cybercrime forum claiming that the hacker had stolen several terabytes of consumer data from Gravy Analytics. The parent company of Gravy Analytics, Unacast, notified Norwegian data protection authorities about the breach, stating that a hacker had acquired files from its Amazon cloud environment using a “misappropriated key.”
The breach has sparked concerns about data privacy and national security. Researchers who have analyzed the leaked data say it can be used to track people’s movements extensively. The data includes location points from devices located at sensitive areas such as The White House, the Kremlin, Vatican City, and military bases worldwide.
The implications of the breach are far-reaching, with potential risks for individuals, particularly those in the LGBTQ+ community, who could be identified and persecuted in countries where homosexuality is criminalized.
Gravy Analytics‘ website and associated domains have been offline since the breach was reported. The company has acknowledged the breach, stating that its investigation is ongoing.