It’s become evident that LocationSmart failed to take cybersecurity preventive measures while selling the real-time locations of cell phones wholesale. The problem started with a partner of LocationSmart called Securus that runs a business of prison communication.
LocationSmart has allowed Securus to provide mobile device locations in real time to law enforcement and others. The company works by locating the phones by finding a recently connected tower and then tracks their location within seconds as close to about 100 feet. However, a consent is required in order to track the phone.
If the police or the FBI or any other investigators required this kind of information, they need to directly access the network carriers. In order to skip through the paperwork hassle, network carriers allow LocationSmart to access the data and in turn sells it to someone else, like Securus. Securus in turn sells it to law enforcers or anyone who pays for it, without the need for paperwork.
But the catch here is that phone could still be tracked and located using tools from LocationSmart without user consent of carriers. It looks like the company forgot to secure the API and has caused a whole lot of damage.
Tencent Cloud launches its first Internet Data Center in Indonesia
21Vianet Chooses Juniper Networks’ Technology Meet Rising Demands of Data Traffic
International Data Corporation’s report suggests that healthcare providers in Asia will now spend more on IT
Ascendas REIT Is Acquiring Data Centers in Europe for $904.6M
Eros Now’s Data Science team will now leverage Google Cloud to automate subtitling for movies and other content
© 2021 CIO Bulletin. All rights reserved.