Malware
Life360 Exposes Hacker’s Bold Extortion Attempt Following Tile Data Breach
Life360, a family safety platform, reveals an extortion attempt by a hacker following a data breach that exposed 1.2 million Tile users’ information. The company says it refused to pay, and no data has been leaked or sold. Learn more about this hacking incident and Life360’s response to protect user data.
As a leading IT services provider, we recently learned that Life360, a safety and location services company, was targeted by cybercriminals who breached a Tile customer support platform and stole sensitive information. Life360 provides various services, including real-time location tracking, crash detection, and emergency roadside assistance to over 66 million members globally. The company acquired Tile, a Bluetooth tracking service provider, in a $205 million deal in December 2021.
Upon further investigation, Life360 discovered that the attacker gained access to names, addresses, email addresses, phone numbers, and device identification numbers. Life360 CEO, Chris Hulls, explained that the exposed data does not include more sensitive information such as credit card numbers, passwords, login credentials, location data, or government-issued identification numbers because the Tile customer support platform did not contain these types of information.
Stolen Credentials: The Entry Point
While Life360 did not disclose how the attacker breached its platform, the company has taken steps to protect its systems from further attack and reported the extortion attempts to law enforcement. It has not revealed when the breach was detected or how many customers were impacted by the data breach. A Tile spokesperson mentioned that they are “continuing to work with law enforcement” and have “no other updates at this time.”
According to 404 Media, the hacker reportedly used stolen credentials of a former Tile employee to gain access to multiple Tile systems. The compromised tools allowed the threat actor to locate Tile customers based on their phone numbers or private hash IDs and “initiate data access, location, or law enforcement requests,” create admin users, push alerts to Tile users, and transfer Tile device ownership. The attacker scraped Tile customer names, addresses, email addresses, phone numbers, and device identification numbers using a different system by sending millions of requests without being detected.
What Happens Next?
At the moment, it remains uncertain whether the threat actor will release the scraped data. However, it’s common for this type of data to be sold on hacking forums and dark web markets or released for free to boost the threat actor’s reputation.
As a trusted provider of IT services, we understand how crucial it is to maintain the security and privacy of our clients’ data. We’re always vigilant in keeping up-to-date with the latest cybersecurity threats and best practices. Feel free to reach out to us for more information on how to protect your data, and don’t forget to keep coming back for the latest news and insights on cybersecurity.