An anonymous hacker is claiming responsibility for a data breach at U.S.-based location tracking company Gravy Analytics, according to screenshots of their alleged exploits circulating online.
While details surrounding the hack remain unclear, a post in Russian on XSS—a forum frequented by cybercriminals—claims that a significant amount of data was stolen.
The Breach and Initial Findings
Screenshots and a Russian-language post uploaded early Sunday suggested Gravy Analytics was compromised. The hacker claims to have accessed a trove of sensitive data. Around the same time, 1.4 gigabytes of leaked information was posted online. Cybersecurity experts who analyzed the data have indicated it appears authentic.
Marley Smith, principal threat researcher at RedSense, noted that the leaked files “pass the smell test 100 percent.” Similarly, John Hammond from cybersecurity firm Huntress concluded the breach appears legitimate.
Gravy Analytics, which merged with location intelligence company Unacast in 2023, has yet to respond to inquiries. Attempts to reach Gravy were unsuccessful, as their website remained offline as of Wednesday. A man at Unacast’s coworking office in Ashburn, Virginia, declined to comment.
Gravy Analytics Under Scrutiny
Gravy Analytics has recently drawn attention as one of two companies implicated in a government crackdown on data brokers specializing in granular location tracking. These firms use cellular data to provide highly precise information on individual movements, which can be leveraged for targeted advertising, corporate surveillance, or government monitoring.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
The Biden administration and the Federal Trade Commission (FTC) have raised concerns over the risks such practices pose, including the potential for stalking, blackmail, and espionage.
