Hackers Claim To Have Compromised Data Broker Used By US Government To Dodge Warrants Techdirt
p
Privacy
ppGravy Analytics the parent company of Venntel is like many dodgy data brokers The company gleans vast troves of sensitive US behavior and location cellphone data then generally sells access to that data to a long line of folks Including the US government which has increasingly turned to buying data broker data as a quick and easy end around for having to get a warrant ppLast month the FTC sued Gravy Analytics saying it routinely collects sensitive phone location and behavior data without getting the consent of consumers This month hackers claim to have compromised the giant surveillance company gaining access to 17 terabytes of data including a bunch of sensitive location data detailing the very specific movement patterns of US consumersppAs the fine folks at 404 Media note this is yet another inflection point for a super dodgy and barely regulated commercial surveillance industry at the center of scandal after scandalppThe news is a crystalizing moment for the location data industry For years companies have harvested location information from smartphones either through ordinary apps or the advertising ecosystem and then built products based on that data or sold it to others In many cases those customers include the US government with arms of the military DHS the IRS and FBI using it for various purposes But collecting that data presents an attractive target to hackersppA location data broker like Gravy Analytics getting hacked is the nightmare scenario all privacy advocates have feared and warned about The potential harms for individuals is haunting and if all the bulk location data of Americans ends up being sold on underground markets this will create countless deanonymization risks and tracking concerns for high risk individuals and organizations Zach Edwards senior threat analyst at cybersecurity firm Silent Push and who has followed the location data industry closely told 404 Media This may be the first major breach of a bulk location data provider but it wont be the lastppWeve long noted how the data broker space is an unregulated mess routinely overcollecting data selling access to any nitwit with two nickels to rub together including foreign intelligence or criminals and failing to generally secure it Wired last month had a piece detailing how it was trivial to purchase US troop and intelligence officer movement data as they visited sensitive US locations in GermanyppAn earlier scandal highlighted by Senator Ron Wyden involved the sale of abortion clinic visitor location data to right wing activists who then targeted those vulnerable women with health care disinformation More recently a data broker was found to have leaked the social security numbers of 270 million AmericansppNow the one agency that actually did anything about the problem the FTC is about to be absolutely defanged under Trump because a handful of billionaires thought Lina Khan was being personally mean to them Aint democracy grand ppThe warning signs are absolutely blaring and the entire location data sector is absolutely begging for a scandal that makes all previous scandals look like a lovely summer picnic At which point all of the policymakers who repeatedly refused to take consumer privacy seriously will stand around with their hands on hips in a real life version of the Spiderman meme wondering how exactly we got herepp
Filed Under data brokers ftc hackers privacy security surveillance warrants
Companies gravy analytics venntel
ppPer se 17TB of analytics data may not be that much There is a fair share of events data which dont produce coherent patterns and so is not useful
Still its certainly a good and cheap source of data to train AI to better target people from their behaviorppThe real question is can I buy the location data of Everyone who visited the Health Care CEO SummitppIm sure it wouldnt worry anyone Why do I want it no reason just becauseppHow long it took Besides a direct connection to the Hard drive Anything else that IS NOT a direct Hardware connection is going to take HOURS and DAYS
Next is WHO wants this And The list isnt long Advertisers FedState Gov and 1 more CORPS Medical history visiting Doctors and Hospitals and Loose Insurance Being able to Match things like Creditdebit cards with the computer in your car and There was an accident Cancelled Before you can get to the Agent Want a Lawyer to look you up Not to pay you money
Trying to hide from China If they can get 1 part of the Puzzle CC Bank Code That number In your car window And Match it with ANY other info YOU ARE TRACKEDppHmm dodgy data brokers Not surprisedppCan someone just cherry pick the data of a few congress critters alreadyppUntil it happens to them its not a problem
Showing them having dinner with a lobbyist going to a show hopping on a private flight they might becomes afraid that someone will mistake them for SCOTUS justicesppGee this phone leaves the russian embassy meets with these congressmen for 2 hours at a hotel wonder what that could beppThis brings whole new meaning to the term board the gravy trainppMaybe it is time for the public to consider making their own hack and data analysis groups to do exactly what was proposed above Analyze the stolen stuff and find connections to important authorities like cops congressmen CEOs and other similar folks and their businesses Then leak the results online to show only that they were indeed being tracked by criminals and foreign enemy actors by listing the various places they went a month ago or two months ago and where possible the names of the actors that bought the data
The people in power will not lift a finger to protect the peasants until the people in power feel threatened
Simple as thatppSorting this amount of Data Not easy unless They were Sooo Stupid THAT
Its in TXT format from a Spread sheetppDidnt some agency get NAILED for not Encoding their Personal DATA
Whats Wrong with this picture We have had this discussion TO MANY TIMESppYour email address will not be published Required fields are marked ppHave a Techdirt Account Sign in now Want one Register hereppName ppEmail ppSubscribe to the Techdirt Daily newsletterppURL ppSubject ppComment ppTechdirt community members with Techdirt Credits can spotlight a comment as either the First Word or Last Word on a particular comment thread Credits can be purchased at the Techdirt Insider Shop pp
ppppΔdocumentgetElementById akjs1 setAttribute value new Date getTime ppA weekly news podcast fromMike Masnick Ben WhitelawppRead the latest postspp
Read All
pp
Become an Insider pppp
This feature is only available to registered users
You can register here or sign in to use it p
Privacy
ppGravy Analytics the parent company of Venntel is like many dodgy data brokers The company gleans vast troves of sensitive US behavior and location cellphone data then generally sells access to that data to a long line of folks Including the US government which has increasingly turned to buying data broker data as a quick and easy end around for having to get a warrant ppLast month the FTC sued Gravy Analytics saying it routinely collects sensitive phone location and behavior data without getting the consent of consumers This month hackers claim to have compromised the giant surveillance company gaining access to 17 terabytes of data including a bunch of sensitive location data detailing the very specific movement patterns of US consumersppAs the fine folks at 404 Media note this is yet another inflection point for a super dodgy and barely regulated commercial surveillance industry at the center of scandal after scandalppThe news is a crystalizing moment for the location data industry For years companies have harvested location information from smartphones either through ordinary apps or the advertising ecosystem and then built products based on that data or sold it to others In many cases those customers include the US government with arms of the military DHS the IRS and FBI using it for various purposes But collecting that data presents an attractive target to hackersppA location data broker like Gravy Analytics getting hacked is the nightmare scenario all privacy advocates have feared and warned about The potential harms for individuals is haunting and if all the bulk location data of Americans ends up being sold on underground markets this will create countless deanonymization risks and tracking concerns for high risk individuals and organizations Zach Edwards senior threat analyst at cybersecurity firm Silent Push and who has followed the location data industry closely told 404 Media This may be the first major breach of a bulk location data provider but it wont be the lastppWeve long noted how the data broker space is an unregulated mess routinely overcollecting data selling access to any nitwit with two nickels to rub together including foreign intelligence or criminals and failing to generally secure it Wired last month had a piece detailing how it was trivial to purchase US troop and intelligence officer movement data as they visited sensitive US locations in GermanyppAn earlier scandal highlighted by Senator Ron Wyden involved the sale of abortion clinic visitor location data to right wing activists who then targeted those vulnerable women with health care disinformation More recently a data broker was found to have leaked the social security numbers of 270 million AmericansppNow the one agency that actually did anything about the problem the FTC is about to be absolutely defanged under Trump because a handful of billionaires thought Lina Khan was being personally mean to them Aint democracy grand ppThe warning signs are absolutely blaring and the entire location data sector is absolutely begging for a scandal that makes all previous scandals look like a lovely summer picnic At which point all of the policymakers who repeatedly refused to take consumer privacy seriously will stand around with their hands on hips in a real life version of the Spiderman meme wondering how exactly we got herepp
Filed Under data brokers ftc hackers privacy security surveillance warrants
Companies gravy analytics venntel
ppPer se 17TB of analytics data may not be that much There is a fair share of events data which dont produce coherent patterns and so is not useful
Still its certainly a good and cheap source of data to train AI to better target people from their behaviorppThe real question is can I buy the location data of Everyone who visited the Health Care CEO SummitppIm sure it wouldnt worry anyone Why do I want it no reason just becauseppHow long it took Besides a direct connection to the Hard drive Anything else that IS NOT a direct Hardware connection is going to take HOURS and DAYS
Next is WHO wants this And The list isnt long Advertisers FedState Gov and 1 more CORPS Medical history visiting Doctors and Hospitals and Loose Insurance Being able to Match things like Creditdebit cards with the computer in your car and There was an accident Cancelled Before you can get to the Agent Want a Lawyer to look you up Not to pay you money
Trying to hide from China If they can get 1 part of the Puzzle CC Bank Code That number In your car window And Match it with ANY other info YOU ARE TRACKEDppHmm dodgy data brokers Not surprisedppCan someone just cherry pick the data of a few congress critters alreadyppUntil it happens to them its not a problem
Showing them having dinner with a lobbyist going to a show hopping on a private flight they might becomes afraid that someone will mistake them for SCOTUS justicesppGee this phone leaves the russian embassy meets with these congressmen for 2 hours at a hotel wonder what that could beppThis brings whole new meaning to the term board the gravy trainppMaybe it is time for the public to consider making their own hack and data analysis groups to do exactly what was proposed above Analyze the stolen stuff and find connections to important authorities like cops congressmen CEOs and other similar folks and their businesses Then leak the results online to show only that they were indeed being tracked by criminals and foreign enemy actors by listing the various places they went a month ago or two months ago and where possible the names of the actors that bought the data
The people in power will not lift a finger to protect the peasants until the people in power feel threatened
Simple as thatppSorting this amount of Data Not easy unless They were Sooo Stupid THAT
Its in TXT format from a Spread sheetppDidnt some agency get NAILED for not Encoding their Personal DATA
Whats Wrong with this picture We have had this discussion TO MANY TIMESppYour email address will not be published Required fields are marked ppHave a Techdirt Account Sign in now Want one Register hereppName ppEmail ppSubscribe to the Techdirt Daily newsletterppURL ppSubject ppComment ppTechdirt community members with Techdirt Credits can spotlight a comment as either the First Word or Last Word on a particular comment thread Credits can be purchased at the Techdirt Insider Shop pp
ppppΔdocumentgetElementById akjs1 setAttribute value new Date getTime ppA weekly news podcast fromMike Masnick Ben WhitelawppRead the latest postspp
Read All
pp
Become an Insider pppp
This feature is only available to registered users
You can register here or sign in to use it p
