The location data leak of mobile phone users has been making the headlines for a few weeks. A few days ago, it was revealed that LocationSmart, a cloud location services company, was leaking real-time location of customers.
KrebsOnSecurity recently announced that a bug in LocationSmart website was giving out real-time location details of mobile phone customers. It is known that this bug was found out in a free demo tool which is available on the official website of LocationSmart. It revealed the Location details to everybody in general. The customers were of companies such as Verizon, AT&T, Sprint, and T-Mobile.
When KrebsOnSecurity determined that this tool was leaking details without the requirement for any passcode or another mode of authorization or authentication, the tracking firm based in the US took the service offline.
However, LocationSmart verified in an email that Robert Xiao, who is a security researcher at Carnegie Mellon University, was able to get the real-time location of the subscribers only by obtaining their consent personally.
LocationSmart mentioned that it attempts to bring safely equipped efficiencies to users via its enterprise mobility platform. The API demo could have revealed the customers’ real-time location to hackers and cybercriminals. Although, even without this bug, any LocationSmart user would still have been able to get access to the same kind of data.
Carriers are leaking location data to others
Even though LocationSmart takes the spotlight in the story, the real story is that carriers share the customer’s real-time location information with anybody who asks for it. LocationSmart is just one of the many who does so. LocationSmart has garnered media attention due to its prominence.
This kind of data sharing would not be permitted under the General Data Protection Regulation (GDPR), which is going to be active by the end of the month of May. It is also unclear if the Consent Act of Senator Ed Markey will put an end to such sort of practice since it mainly targets the “edge providers.”
Xio warned the users that customer location information leaks such as the one with LocationSmart and Securus could not be avoided, for as long as these carriers carry on providing direct access to the users’ real-time location details to third-party.
At present, it is vital to keep all the data and information security. Hackers are lurking around and looking for vulnerable computers and networks to get illegitimate access. Norton antivirus is a robust security software which keeps all the system data secure. Norton antivirus can be purchased from the web store or retail store. You can activate the 25 character Norton product key at Norton.com/setup.
Source : Norton.com/setup