
Russian cybercriminals have hacked one of the largest companies that tracks Americans’ location through smartphone data in exchange for ransom, according to two cybersecurity researchers, a person who has posted a massive trove of allegedly hacked files and a notice the company sent to the Norwegian government. Limited time: Save 25% on NBC News subscription Get exclusive reporting, live Q&As and ad-free reading. The incident would be one of the largest known breaches of a handful of controversial U.S.
Main Idea: Gravy Analytics, a company that sells location data on Americans, appears to have been hacked, and the breach may involve a large trove of sensitive data.
Key Points:
A hack of Gravy Analytics could expose Americans’ location histories, putting consumers, patients, and workers at risk of stalking, scams, and unwanted surveillance.
The FTC’s action may push stronger limits on data brokers and give people more privacy protection.
Rate how each entity in this article affected the American people.
Central company alleged to have been hacked and accused of illegally collecting and selling Americans’ location data.
Federal regulator that accused Gravy Analytics and Venntel of unlawful data collection and sale.
Identified as the alleged attackers and ransom-seekers behind the breach.
Cloud platform where Gravy said unauthorized access occurred.
Cybersecurity company whose researcher analyzed the leaked data and commented on the breach.
Recipient of the private breach notification and part of the article’s reporting on the incident.
Privacy and location-data company whose CEO analyzed the sample leak and estimated its scale.
Comments here are the same thread shown when this article appears in The Pulse.
No comments on this article yet.
Sign in to commentParent company connected to Gravy Analytics and mentioned in the breach notice and contact failures.
Outlet that obtained and published the private breach notification, referenced as a reporting source.
Website used by NBC News to check whether exposed email addresses had appeared in prior breaches.