- GPS app gave hacker ability to remotely shut off car engines Today 3:58 PM
- Scott Walker wore jeans for sexual assault awareness, and Twitter is reminding him of his misogynist past Today 3:24 PM
- Hacked Lime scooters make sexual comments to riders Today 3:03 PM
- ‘Bonding’ squanders its potential with weak jokes and limp structure Today 2:49 PM
- The safest place for ‘Game of Thrones’ memes is in the crypts Today 2:23 PM
- Report: Fortnite developer Epic Games is working employees into the ground Today 1:57 PM
- Damian Lillard’s game-winning 3-pointer inspired a plethora of memes Today 12:17 PM
- Gamers are blaming socialism for making the women in Mortal Kombat ‘ugly’ Today 11:36 AM
- Nickelodeon is selling SpongeBob toys based on popular memes Today 11:25 AM
- Alex Jones protests outside the White House by shouting the name of his website Today 11:13 AM
- ‘I Think You Should Leave with Tim Robinson’ has an absurd conclusion for every scenario Today 10:52 AM
- Twitch star TF Blade banned for racial slur—but he swears he didn’t say it Today 10:43 AM
- Steve King says backlash to white nationalism comment was like what Jesus went through Today 10:23 AM
- Netflix movies are still eligible for Oscars, Academy rules Today 10:21 AM
- Sheriff’s deputy makes homophobic comments on Facebook after gay teen’s suicide Today 10:02 AM
Pixabay (Public Domain)
Just one company gave 250 bounty hunters access to AT&T, T-Mobile, and Sprint customer data.
The location data of countless U.S. cellphone users was secretly being accessed by hundreds of bounty hunters despite previous claims from mobile providers that such abuses were isolated, Motherboard reports.
Documents from a location data selling company known as CerCareOne, which ceased operations in 2017, have revealed that roughly “250 bounty hunters and related businesses” had access to information from AT&T, T-Mobile, and Sprint customers.
Motherboard’s Joseph Cox notes that just one bail bond firm used CerCareOne’s services over 18,000 times. The company not only had location information derived from cell towers but from “highly sensitive and accurate GPS data” as well.
According to Blake Reid, associate clinical professor at Colorado Law, the GPS data was originally intended to be used only by emergency services in order to locate people who had dialed 911.
“The only reason we grant carriers any access to this information is to make sure that first responders are able to locate us in an emergency,” Reid told Motherboard. “If the carriers are turning around and using that access to sell information to bounty hunters or whomever else, it is a shocking abuse of the trust that the public places in them to safeguard privacy while protecting public safety.”
CerCareOne, which forced its customers to sign agreements to keep their existence secret, would charge as much as $1,100 for an individual’s location.
“The news shows how widely available Americans’ sensitive location data was to bounty hunters,” Cox writes. “This ease-of-access dramatically increased the risk of abuse.”
A bail agent whose name was found among the documents defended the practice, arguing that it specifically targeted fugitives.
“This type [of] information is solely used for and extremely beneficial in locating and tracking wanted fugitives who have jumped bond and are also wanted by law enforcement for absconding from justice,” the bail agent said.
The scale of the secretive location data market has caused concern among lawmakers and privacy advocates alike. Sen. Ron Wyden (D-Ore.), a vocal critic of many tech companies’ data practices, said in a statement to Motherboard the latest discovery proves the issue is far worse than previously believed.
“Carriers assured customers location tracking abuses were isolated incidents. Now it appears that hundreds of people could track our phones, and they were doing it for years before anyone at the wireless companies took action,” Wyden said. “That’s more than an oversight—that’s flagrant, willful disregard for the safety and security of Americans.”
The aforementioned mobile service providers promised last month to stop selling its customers’ location data altogether. AT&T has stated that it was unaware of the alleged abuses by CerCareOne while the company was active.The FCC has stated that it is currently investigating the handling of location information by the major carriers.
Mikael Thalen is a tech and security reporter based in Seattle, covering social media, data breaches, hackers, and more.