Privacy of millions worldwide compromised as huge data location broker got hacked
The Gravy Analytics hack is a stark reminder of the danger of data collection. Here's all you need to know.
The privacy of millions of people worldwide is at risk following an attack against a huge data location broker.
404 Media first reported the news of a potential data breach against Gravy Analytics on January 7, 2025, after a hacker threatened to publish the stolen data publicly on a forum.
The parent company of Venntel, Gravy Analytics, is a US data location broker that holds data from millions of iPhone and Android users worldwide. The hacker claimed that the compromised information included smartphone users' location data that could show peoples' precise movements.
The Gravy Analytics hack is the latest reminder of the dangers linked to the data broker industry. It also sheds light yet again on the need to minimize the information you share online as much as possible.
Gravy Analytics hack
"This isn’t your typical data leak, it’s a national security threat," wrote Baptiste Robert, the CEO of digital security firm Predicta Lab, in a long X thread after reviewing a sample of the leaked dataset.
The total size of the sample is 1.4 GB and contains over 30 million compromised locations worldwide. These include devices located at very sensitive places like the White House in Washington, the Kremlin in Moscow, Vatican City, and some military bases around the world.
The data locations of everyday users of popular apps also appear to have been leaked. These include the dating app Tinder, music player Spotify, and even the much-loved mobile game Candy Crush.
And this is just a sample of what we know so far. "Based on the hacker’s claim of having 10 TB of history, the entire dataset would likely contain approximately 217,494,792,857 locations," wrote Robert.
Hackers claim to have breached Gravy Analytics, a US location data broker selling to government agencies. They shared 3 samples on a Russian forum, exposing millions of location points across the US, Russia, and Europe.It's OSINT time!
