In our last article in the ThreatModeler series about collateral damage of various types of data breaches, we examined the potential damage that could occur if hackers made off with your online activities information. Now, we will explore what could happen to an individual if attackers mounted a geolocation data breach.

Geolocation Poses Unique Security Threats

Anyone who has ever used a GPS device, smartphone, or accessed the Internet has been exposed to the inescapable nature of location-tracking capabilities. What you may not know, however, is that many services and organizations maintain massive databases of where their customers have been for at least the last 12 months. Geolocation data is collected – often without customer knowledge – for a variety of uses.

Types of Geolocation

Geolocation has a number of practical applications, from critical infrastructure (monitoring prisoners) to entertainment (locating a movie theater). Geolocation can be split into three major categories:

  • Georeferencing or positioning – identifying the physical location of a person or object on a physical map, e.g. finding the nearest gas station.
  • Geocoding – information regarding place or services that correspond to locations on a map, e.g. identifying a hardware store or retail establishment by type.
  • Geotagging – attributing geographic information to an object, such as a destination, on a map, e.g. tagging your check-in at a restaurant.
  • Geolocation has proven to be a powerful data-tool for everything from building detailed personal profiles to locating individuals in real time.

A popular commercial use for geolocation is “smart marketing,” which ties specific ads to people when they’re near a participating store, or when the system records that you frequently pass by a particular business. Law enforcement – from local police to Homeland Security and the FBI – has used geolocation data to find and prosecute suspects.

Agencies that provide non-emergency services, such as reporting potholes or broken traffic lights, rely on geolocation for citizens to provide the specific location of said occurrence. This kind of application is common on mobile applications that contain some kind of geolocation functionality.

Animoto Data Breach in 2018 Results in Compromise of User Data

In August of 2018, Animoto publicly announced that, in addition to birth dates, hashed and salted passwords and email addresses, hackers breached the geolocation data of its users. Animoto learned that the breach occurred on July 10. The company, which provides social media video content, responded to the incident by conducting a forensic investigation, notifying affected individuals and implementing additional security measures. Animoto tightened its access restrictions on employees and had them change their login passwords.

The number of affected individuals is not known, but at the time of the breach, Animoto had 22 million users. Animoto doesn’t keep the geolocation data for all of its users on file. Payment information was stored in another database and the company does not believe that data was compromised.

mSpy Involved in Two Hacks Over Recent Years, One Involving Geolocation

In 2018, mSpy, a company that creates software that allows its customers to “spy” on specific people through their mobile technology, suffered a data breach. It was the second cybercrime against the organization in three years. Hackers “stealthily” compromised records through customers’ mobile devices that were running the software. In addition to geolocation data, data that was compromised included passwords, text messages, call logs, text messages, contacts and notes.

Hackers created an online database that, through queries, would yield the private data of millions of records. Cybercriminals also compromised transaction information, including username, password and encryption data. mSpy logs containing user data was also compromised, including browser and IP addresses.

In May 2015, news of the first hack broke about a successful hack against mSpy. The attack – which may have been going on for more than a year – resulted in a massive geolocation data breach along with other personal identifying information. The exposed data included details on more than 400,000 customers and an undisclosed number of “surveillance” targets.

Most of the customers surveyed used the software for legitimate security concerns. For example, about 40% of the customer base were parents seeking to keep a watchful eye on their kids. The software is capable of tracking Android and iPhone locations to a high degree of precision.

Legitimate uses notwithstanding, with a geolocation data breach the possible collateral damage can be staggering:

  • Prosecution of Criminal Activity – law enforcement has built and prosecuted cases around geolocation data locating the suspect near the crime scene. If you and your cell phone happen to be near a crime and you are a reasonably close fit to the description, this would be sufficient cause to make you a suspect and possibly lead to your prosecution – whether or not you were the perpetrator.
  • In-Person Stalking and Physical Attack – a geolocation data breach could allow an attacker to infer where an individual is or is likely to be at a certain time. When the stolen data is made public, those with nefarious or violent intentions can easily find their intended targets.
  • Blackmail and Extortion – geolocation data that puts you near illicit businesses for an extended time period can be used to imply or infer your participation in those businesses. Such data can be used to:
  • make you a target of blackmail or extortion attempts, cause an employer to terminate your employment, or make you a target of a shame campaign.

The possibilities for collateral damage resulting from a geolocation data breach are endless based on what can be inferred or implied by a person’s location or travel patterns, the attacker’s purpose in physical proximity to the individual or in making actual contact, and the attacker’s ability to plan additional attacks based on knowing where the individual’s commuting patterns.

None of the listed collateral damage possibilities would be prevented or detected through credit and identity monitoring, leaving the end-victim to deal with the damages out of his or her own resources. Is it right that the individuals – who may not have even known that the information about them existed – be responsible for the potential collateral damage from a data breach?

ThreatModeler Will Protect Your Organization From Geolocation Data Breaches 

Organizations cannot afford to place the private data that it processes at risk. Threats continue to escalate and enterprises need to make a concerted effort to manage them. One of the biggest challenges to an organization is understanding its threats and vulnerabilities as they contribute to risk.

Threat modeling is a valid way to understand and prioritize threats for mitigation. Threat modelers map out the entire IT environment in order to understand the different components, connectors and actors involved in different use cases. From there, users can identify the different security requirements needed to reduce the likelihood of a cyberattack or data breach.

ThreatModeler takes the typically manual process of threat modeling and automates key functions by keeping updated with the latest threats and vulnerabilities from respected sources. Content and guidelines from OWASP, CAPEC, AWS and Azure, et al., are included. ThreatModeler integrates with IT project tracking tool Jira in order to empower DevSecOps teams to collaborate throughout the course of the SDLC.

To learn more about the benefits ThreatModeler has to offer, schedule a demo by a threat modeling expert that can address your organization’s unique challenges. Please contact us if you have any questions or additional requests.