CyberInsider

Reliable cybersecurity news and resources

General

Guides

About

Cyber Insider covers the latest news in the cybersecurity and data privacy world. In addition to news, we also publish in-depth guides and resources.
See our Mission >

Tracking Service Tile Suffers Unauthorized Access and Data Breach

By Leave a Comment
Tracking Service Tile Suffers Unauthorized Access and Data Breach

Life360, the parent company of the popular tracking device brand Tile, recently reported an unauthorized access incident targeting its customer support platform.

Tile, acquired by Life360 in November 2021, is renowned for its tracking devices which help users locate items like keys and wallets via a smartphone app. The service is utilized by millions of users worldwide, providing a reliable solution for tracking personal belongings.

The breach involved a criminal extortion attempt, with an unknown actor claiming to possess customer information. Although sensitive data such as credit card numbers and location data remained secure, personal information was potentially exposed.

The incident was detected when Life360 received emails from an unknown actor threatening to release Tile customer data unless a ransom was paid. Life360 initiated an investigation and confirmed unauthorized access to its Tile customer support platform, excluding its main service platform. The compromised data includes:

  • Full names,
  • Physical addresses,
  • Email addresses,
  • Phone numbers,
  • and Tile device identification numbers.

The company notes that financial and location data were not exposed as a result of this incident.

Life360 says it has taken steps to bolster its security measures and has reported the incident to law enforcement. Chris Hulls, CEO of Life360, emphasized the company's commitment to protecting customer information and assured that efforts to enhance system security are ongoing.

Additional insights were provided by a report from 404 Media, which detailed that the hacker had accessed internal Tile tools, including those used for processing location data requests for law enforcement.

The hacker obtained login credentials believed to belong to a former Tile employee and gained access to tools that could initiate data access requests. Despite the significant breach, it is confirmed by the news outlet that the stolen data did not include real-time location information.

Defense tips for Tile users

Though Life360 says its response to the cyber incident was swift, and robust security measures have been implemented now, Tile users should follow these steps to protect themselves:

  • Reset your account passwords and use something long and unique.
  • Regularly check accounts for suspicious activity like unauthorized actions.
  • Ensure contact information is up-to-date for timely reception of breach notifications.
  • Report any phishing attempts or unusual communications to Tile and/or the authorities.

About Alex Lekander

Alex is the founder and Editor-in-Chief of CyberInsider.com. His background and expertise includes digital privacy, security, and tech journalism. When he’s not working behind a screen, Alex is probably tinkering with a boat or enjoying the outdoors.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *