Life360 has confirmed that its subsidiary, Tile, was the victim of a data breach after hackers recently gained access to the Bluetooth-based key finder maker's system
As reported by The Verge, the perpetrators used stolen employee credentials to access Tile's customer data, including names, addresses, emails, and phone numbers
The story itself was first revealed by 404 Media, which had direct contact with the hackers According to the media's conversations with the hacker, the customer information that is now publicly available was obtained from a database used to identify the owners of certain Tile trackers
In a statement, Life360 CEO Chris Hulls offers further insight into this information leak, explaining that Tile's parent company "recently suffered a criminal extortion attempt" Apparently, hackers sent an email to the company claiming to possess Tile's customer information and attempted to negotiate a ransom payment
Following this, Life360 investigated and found that Tile's customer support platform had been compromised Customer information was stolen from here, but fortunately, no sensitive information such as credit card numbers, passwords, or location information was stolen, as this particular support platform did not contain that type of data
At this time, Life360 believes that the data breach was limited to that particular tile customer support platform and not more extensive
In an emailed statement to Tom's Guide, a Life360 spokesperson explained that the support platform is for internal use only and is used as part of a multi-step process to initiate law enforcement data requests (404 Media initially (404 Media initially reported that it was intended for law enforcement) He also explained that "Life360 maintains multiple layers of automated and human intervention before responding to law enforcement requests for tile user data It also challenges the legal sufficiency of the warrant, where appropriate"
He explained
Typically, when we report a data breach, it is after the company in question has reported what happened to the authorities in the form of a data breach notification Such a notification often states how many customers were affected, as well as how the affected company will remedy the situation for its customers
There is quite a lot that companies can do to restore trust with their customers after a data breach, such as offering free access to the best identity theft protection services and free credit monitoring In this case, however, it is still too early to tell, and it is not known whether the problem is widespread or limited to a small number of tile customers
Therefore, for the time being, it is up to you to take the necessary precautions to stay safe from the consequences following this data breach Since it is certain that names, addresses, e-mails, and phone numbers were compromised, other cybercriminals could use this stolen data to launch targeted phishing attacks For this reason, you should be extremely careful when checking your inbox, as well as when checking your mailbox directly
Hackers can also send malicious emails containing dangerous malware or even USB flash drives with malware pre-installed Fortunately, however, Tile's customers' Social Security numbers were not compromised in this breach, so they cannot steal your identity
As Tile users ourselves, we are following this story closely and will keep you posted as we learn more
Comments