LocationSmart leaks mobile tracking data of all customers of US Mobile Carriers

LocationSmart, a US-based mobile tracking company is said to have leaked location data of all customers belonging to all US Mobile Carriers from April this year. This includes those using services of Verizon, At&T, T-Mobile, Sprint and Canadian carriers Bell, Rogers, and Telus.

Sources reporting to Cybersecurity Insiders claim that a vulnerability on the website of the cell phone location tracking service website had allowed anyone with no prior authentication or consent( like password authentication) to obtain the precise location of a Mobile Phones working in the United States and Canada to a range of just 100 feet.

Imagine, someone from the dark world could have used the flaw to track down the cellphone location data of a dignitary and could have leaked the details to the bad guys for some great bucks.

The said vulnerability of the Carlsbad, California based company was discovered by security experts from KerbsOnSecurity on May 16th and reported the same to the staff of the said firm and US-CERT on a simultaneous note.

LocationSmart’s IT staff fixed the issue yesterday i.e on May 17th,2018 and apologized for what has happened till date.

Note 1- On May 10th this year, a report published in New York Times said that a company named Securus Technologies was selling or giving away cellphone location data of any US Mobile user utilizing any virtually any major mobile network provider to a sheriff’s office in Mississippi, Missouri. The story said that the company made a lot of dollars in this process and has gained the information by accessing LocationSmart servers in a legal way.

Note 2- Founded in the year 1995, LocationSmart provides location APIs of mobile customers to enterprises and operates through a secure cloud-based privacy-protected platform. The company uses a variety of resources such as Wi-Fi location, IP Address Location, Browser location, Landline Location, and cellular network location to predict a user’s mobile phone location.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display