A company that tracks and sells Americans' location data has seemingly been hacked [View all]

Source: NBC News

Jan. 10, 2025, 3:27 PM EST


One of the largest companies that tracks Americans’ location through smartphone data has been hacked by Russian cybercriminals in exchange for ransom, according to two cybersecurity researchers and a person who has posted a massive trove of allegedly hacked files. The incident would be one of the largest known breaches of a handful of controversial U.S. companies that sell individuals’ location data, a gold mine for advertisers as it can be used to extensively map a person’s life, usually without their knowledge.

The company, Gravy Analytics, and its subsidiary, Venntel, were accused last month by the Federal Trade Commission of illegally collecting and selling Americans’ location data without their knowledge or obtaining proper legal consent. Some of the people Gravy tracked were monitored going into sensitive locations like government buildings, health clinics and places of worship, the FTC said.

Smartphones create significant data from both how they connect to cell towers and wireless internet providers, as well as through apps, particularly third-party apps that require location data. The ubiquity of smartphones in everyday life has spurred an industry of shadowy companies that buy, package and sell data. While that data is usually advertised to marketers, it’s also sold to governments.

Gravy’s website has been down since at least Tuesday. Emails to it, Venntel and Gravy’s parent company, Unacast, could not be delivered. Several executives at the company contacted by NBC News did not respond to a request for comment.

Read more: https://www.nbcnews.com/tech/security/location-data-broker-gravy-analytics-was-seemingly-hacked-experts-say-rcna187038