As first reported by 404media, hackers have compromised location aggregator Gravy Analytics, stealing “customer lists, information on the broader industry, and even location data harvested from smartphones which show peoples’ precise movements.” This has dumped a trove of sensitive data into the public domain.
This data is harvested from apps rather than the phones themselves, as EFF explains, “each time you see a targeted ad, your personal information is exposed to thousands of advertisers and data brokers through a process called real-time bidding’ (RTB). This process does more than deliver ads—it fuels government surveillance, poses national security risks, and gives data brokers easy access to your online activity. RTB might be the most privacy-invasive surveillance system that you’ve never heard of.”