Home » News » Millions of people’s ‘intimate’ location data stolen in major hack

Millions of people’s ‘intimate’ location data stolen in major hack

Pic: iStock
May Be Interested In:NHL playoff watch: What’s at stake in all 14 games on Showdown Saturday



Millions of people using some of the world’s most popular apps may have had their locations leaked in a major hack.

Tinder, Spotify, Citymapper, Mumsnet and Sky News were among hundreds of companies named in a sample list of apps linked to the breach.

Hackers appear to have targeted a US location tracking firm Gravy Analytics. It collects information through smartphones, including peoples’ precise movements, and then provides it to other companies or governments.

More than 10 terabytes of data is thought to have been stolen, with Russian-speaking hackers sharing a sample of the stolen information on a well-known hacking forum.

Baptiste Robert, founder of Predicta Lab, a company that provides tools for online privacy and security, analysed the sample and was able to easily identify individuals around military bases and government offices, as well as details about people’s homes and family lives.

X

This content is provided by X, which may be using cookies and other technologies.
To show you this content, we need your permission to use cookies.
You can use the buttons below to amend your preferences to enable X cookies or to allow those cookies just once.
You can change your settings at any time via the Privacy Options.


Unfortunately we have been unable to verify if you have consented to X cookies.
To view this content you can use the button below to allow X cookies for this session only.

Enable Cookies
Allow Cookies Once

He also told Sky News the apps named in the leak weren’t necessarily working with Gravy Analytics.

Instead, he said, software development kits used in the apps appeared to be sending off users’ location data.

Graeme Stewart, from cyber security firm Check Point, told Sky News: “This is a new type of hack.

“It’s not just your personal details, it’s really quite intimate details about your life and what you’re doing and how you’re doing it.”

The company at the centre of the hack, Gravy Analytics, sells the data of thousands of apps used all around the world.

X

This content is provided by X, which may be using cookies and other technologies.
To show you this content, we need your permission to use cookies.
You can use the buttons below to amend your preferences to enable X cookies or to allow those cookies just once.
You can change your settings at any time via the Privacy Options.


Unfortunately we have been unable to verify if you have consented to X cookies.
To view this content you can use the button below to allow X cookies for this session only.

Enable Cookies
Allow Cookies Once

It can see granular details about users, down to whether you’re using your phone on the bus or on the toilet, according to Mr Stewart.

“It’s that level of detail which suddenly gives people the ability to make really quite deep distinctions and deep observations about your life and use that against you,” he said.

Read more:
‘Stuck’ NASA astronauts ‘not castaways’
OpenAI boss denies sister’s sexual abuse claims
Musk and the grooming gang scandal

Tech news outlet 404 Media first reported the hack and saw the sample data.

It includes precise latitude and longitude co-ordinates of people’s phones, and the time at which the phone was there, according to 404 Media.

What you can do

In order to protect from hacks like this, Mr Robert suggested users turn off their location when it isn’t needed, as well as WiFi.

He also recommended Android users delete their advertising ID and iOS users turn off “Allow Apps to Request To Track” in the privacy and security settings.

Named companies say they do not work with Gravy Analytics

A source with an understanding of the leak told Sky News that Tinder may be named because it is downloaded on phones with apps that work with Gravy Analytics.

The source suggested that the tracking company could have the ability to pull the names of other downloaded apps on the device.

“Tinder takes safety and security very seriously. We have no relationship with Gravy Analytics and have no evidence that this data was obtained from the Tinder app,” a Tinder spokesperson told Sky News.

Other companies named in the leaked data told Sky News they don’t work with Gravy Analytics or even track user location data.

Spotify said it could confirm “no Spotify user data is involved in this hack”.

A source at Sky said the company is urgently reviewing the alleged incident and doesn’t appear to have a commercial relationship to Gravy Analytics.

Gravy Analytics has been approached for comment.

share Share facebook pinterest whatsapp x print

Similar Content

Sustainability week 2024 | TechRadar April 19, 2024
Friday’s Jobs Report Will Be Confusing. Here’s How to Make Sense of It.
Friday’s Jobs Report Will Be Confusing. Here’s How to Make Sense of It. February 6, 2025
Survivor of the Mohawk Institute and board member of The Survivors’ Secretariat Roberta Hill, right, looks on as Secretariat Executive Lead Laura Arndt speaks during a news conference on Parliament Hill, in Ottawa, Monday, Sept. 30, 2024. (Adrian Wyld/The Canadian Press)
Survivors’ Secretariat warns it’s at risk of bankruptcy without funding decision December 18, 2024
Maximum points: what is the most influential video game ever?
Maximum points: what is the most influential video game ever? March 6, 2025
RBI signs pact with Bank of Mauritius to promote INR, Mauritian Rupee for bilateral transactions | Mint
RBI signs pact with Bank of Mauritius to promote INR, Mauritian Rupee for bilateral transactions | Mint March 18, 2025
Matei Rosca
Andrew Tate’s Recent “Extremely Dangerous” Behavior Could Lead To More Criminal Investigations, Prosecutors Say April 30, 2023
Frontpage Focus: The Day's Most Important Events | © 2025 | Daily News