The team logo
Daily Brief Changelog
v0.7

Article Details

Scrape Timestamp (UTC): 2024-06-13 01:17:27.242

Source: https://www.theregister.com/2024/06/13/tile_life360_extortion/

Original Article Text

Click to Toggle View

Crooks crack customer info at tracking device vendor Tile, issue 'extortion' demands. Who tracks the trackers?. Life360, purveyor of "Tile" Bluetooth tracking devices and developer of associated apps, has revealed it is dealing with a "criminal extortion attempt" after unknown miscreants contacted it with an allegation they had customer data in their possession. After being contacted by the attackers, Life360 detected unauthorized access to the Tile customer support platform – which contains customers' names, addresses, email addresses, phone numbers and Tile device identification numbers, according to a statement posted by CEO Chris Hulls. The customer support platform does not, Hulls wrote, store "more sensitive information, such as credit card numbers, passwords or login credentials, location data, or government-issued identification numbers." While Hulls's statement doesn't provide much detail, it notes that the attackers did not pop the tracking device maker's service platform. The perps also demanded a ransom, we're told. Hulls didn't specify the amount sought, nor whether Life360 paid up. A spokesperson declined to answer The Register's questions about the break-in, including how the crook accessed the Tile customer support system and details of the extortion demand. "We have reported the incident to law enforcement and have no further details to share at this time," the spokesperson said, adding that additional steps have been taken to harden Life360's systems. It's unclear if the thieves plan to sell or leak the customers' information. Whatever their plans, it's not a good look for a business that claims to "remain committed to keeping families safe online and in the real world," per Hulls's statement. Tile, and its parent company, have also been sued by stalking victims who claim the tracking tech has "magnified" the danger posed to individuals by ex-partners and others. The class action case, filed in August 2023, accuses the companies of negligence, defective design, unjust enrichment, intrusion and privacy law violations.

Daily Brief Summary

DATA BREACH // Tile Extortion Attack Exposes Customer Data Concerns

Life360, producer of Tile Bluetooth trackers, faced a criminal extortion attempt linked to stolen customer data.

Attackers claimed possession of data from the Tile customer support platform, accessing names, addresses, emails, phone numbers, and device IDs.

The hacked platform did not contain particularly sensitive information like passwords, credit card details, or location data.

Life360 CEO Chris Hulls disclosed the breach, stating that the core service platform was unaffected and not breached.

The company was contacted by perpetrators demanding a ransom, though details of the payment or the amount demanded remain undisclosed.

Life360 has engaged law enforcement and boosted security measures, with no additional details provided as investigation progresses.

The breach poses further concerns as Tile faces a lawsuit for allegedly enabling stalking and compromising user safety.