LocationSmart, a company based in Southern California, is under investigation by the FCC after it was discovered that its website made it possible for just about anyone to access location data for the majority of US cell phones.
LocationSmart, a company based in Southern California, is under investigation by the FCC after it was discovered that its website made it possible for just about anyone to access location data for the majority of US cell phones.
Security expert Brian Krebs reported that a bug on the LocationSmart website made it possible for anyone to check on the location of any AT&T, Sprint, T-Mobile or Verizon phone in the US. Even more worryingly, the data is said to be accurate to a few hundred yards.
See also:
LocationSmart’s website included a demonstration tool that to show how it worked, while access to real data was meant to be restricted to authorized users for legitimate purposes. Krebs explains how the service is supposed to work: “LocationSmart’s demo is a free service that allows anyone to see the approximate location of their own mobile phone, just by entering their name, email address and phone number into a form on the site. LocationSmart then texts the phone number supplied by the user and requests permission to ping that device’s nearest cellular network tower. Once that consent is obtained, LocationSmart texts the subscriber their approximate longitude and latitude, plotting the coordinates on a Google Street View map.”
But this was not all that was possible. Krebs also reports the findings of Robert Xiao:
This is clearly something of great concern to millions of people, and the FCC is now investigating, confirming to Ars Technica that “the matter has been referred to the Enforcement Bureau”.
Responding to the incident, Brenda Schafer, a spokesperson for LocationSmart, said:
The demo tool has been taken offline while an investigation takes place. The news come just days after LocationSmart was named as the source for data used by a firm called Securus to help police locate cell phones.
Image credit: TippaPatt / Shutterstock
