Gravy Analytics is hardly a household brand but it is on the minds of many after the company, which that tracks and sells Americans’ location data, was hacked. Russian cybercriminals hacked Gravy, one of the largest companies of its kind, in exchange for ransom, according to two cybersecurity researchers, a person who several days ago posted a virtual treasure trove of the purportedly hacked files, and a notice the company sent to the Norwegian government.
Last month, the U.S. Federal Trade Commission accused Gravy of illegally selling Americans’ info.
The tracking data is useful to cybercriminals because it it can be used to extensively map people’s lives, usually without their knowledge or consent.
As a result of the breach, the National Security Agency issued a warning telling users that “mobile devices store and share device geolocation data by design…
The agency emphasized that “[L]ocation data can be extremely valuable and must be protected. It can reveal details about the number of users in a location, user and supply movements, daily routines (user and organizational), and can expose otherwise unknown associations between users and locations.”
For users whose movements must – for a variety of reasons – remain hidden, the NSA said that people with such concerns should “fully disabling location services settings, and turning off cellular radios and Wi-Fi networks when not in use.” But for many other users, this may be a bridge too far. But NSA also tells users to do the following, recommendations you should absolutely follow now:
Apps should be given as few permissions as possible; Set privacy settings to ensure apps are not using or sharing location data; Set location settings for such apps to either not allow location data usage or, at most, allow location data usage only while using the app.
In addition, it recommends that users disable advertising permissions to the greatest extent possible. This could include setting privacy settings to limit ad tracking, resetting the advertising ID for the device on a regular basis, if possible, once per week.
It’s important to note that Apple users have it somewhat easier: The iPhone setting, “Allow Apps to Track”, which should be disabled, offers complete protection against tracking.
Th apps that may be spying on you include dating and hook-up apps such as Tinder and Grindr; games such as Candy Crush, Temple Run, Subway Surfers, and Harry Potter: Puzzles & Spells; the transit app Moovit; the social network Tumblr; the Yahoo e-mail client; Microsoft’s 365 Office app; many VPN apps, which some users may download, inadvertently in an ironic twist, in an attempt to protect their privacy.”
(Photo: Accura Media Group)
