Top Telecom companies spill Customer Location data to Bounty hunters
- T-Mobile, Sprint, and AT&T are the three companies at the epicenter of this unauthorized data access exposé.
- A Motherboard investigation found one instance where a bounty hunter was able to get a user’s location data using just a few tools.
A recent incident uncovered by an expert on Motherboard has shed light into the sale of users’ location data to various entities. In fact, it is purported to be originating from major telephone companies such as T-Mobile, Sprint and AT&T. This particular incident detailed the ease of possibility in locating a person’s phone without using any advanced tracking tools/techniques.
Location data was simply bought from a bounty hunter, who in turn contacted his sources who possessed this data. In other words, the information traveled from telcos to the last seeker in the chain. Vulnerabilities such as this might tell us how broken the concept of data privacy is at the service providers end.
Microbilt, a company which sells geolocation services to different entities, is under the scanner after this investigation. The reason being that their clients (for example, bounty hunters or other parties) might have unknowingly put out location data in the open. However, to much relief of the users, Microbilt has suspended these services post the incident.
Telcos rebuke allegations
Frederike Kaltheuner, an expert at Privacy International told Motherboard that “it’s part of a bigger problem; the US has a completely unregulated data ecosystem.” Following this incident, telcos are expected to limit data sharing with third parties.