- Gravy Analytics is being sued for not protecting personal data
- The demand is produced after 17 TB of the company's records were stolen.
- The trick in a data corridor has caused four demands so far
A complaint has been filed in the Federal Court of Northern California that describes the accusations that Data Broker Gravy Analytics has not been able to properly safeguard large amounts of personal data, which may now have been stolen.
This is the fourth demand of this type since January 2025, when the screenshots were published in the Cyber Crimes for Forum of Russia XSS feeding the fears that the amazing 17 TB of records of the AWS storage cubes would slide S3 of the analysis firm.
This violated information jeopardizes millions and describes the enormous risk when private companies harvest and store personal data.
This week's demand alleges a large geographical file of smartphone devices: this is what we know so far.
Insufficient data protection
Arguing that the company had the duty to protect the data that collected and stored, the demand points to the risk of identity theft for any person whose information was compromised.
The last complaint, reported by The registrationHe alleges that “the pirated sauce data data included dozens of millions of coordinates of mobile phones of devices within the United States, Russia and Europe, obtained through the use of people in the main mobile applications such as Tinder, Grindr, Candy Crush[Yamás”[Andmore”[ymás”[andmore”
The first violation was reported in early January 2025 after a hacker threatened to publish stolen location data, customer lists and personal information harvested by Gravy Analytics and stolen in a large trick.
The FTC of Gravy Analytics has been prohibited by the FTC to sell confidential location data, along with its Ventel subsidiary, after the FTC claimed that the two violated the FTC law by “unjustly selling the location of the confidential consumer, and through the collection and use of consumer location data without obtaining consumers' location data without obtaining consent from verifiable users for commercial and government uses.
There are many popular applications that collect their data, this is often sold to profitable runners. Because much of this collection occurs through the “advertising ecosystem” instead of a code developed by the creators of applications in themselves, this data collection “is probably happening without the knowledge of the users or even the developers of Applications
The collection of personal information of the data corridor industry entails some serious risks and the industry is not regulated in the United States, so the protections provided by laws such as GDPR do not apply.
The specific details of hack are not yet known, but keeping their organization safe is about anticipating and preparing for a potential attack, says Pierre Noel, Field Ciso Emea in Expel.
“The solutions to prevent an important security incident are the protection, detection and rapid response of incidents.
Take control of your data
If you use the Internet regularly, unfortunately, your information is more likely to have fallen into the hands of a third party, whether it is a company to use and gave permission, appeared in a data violation, or if a corridor has been legally sold.
“Data privacy day serves as a crucial reminder to safeguard confidential information in an era where the data dominates,” says Dr. Ellison Anne Williams, CEO and founder of Aveil.
“As we sail for an increasingly interconnected world and transformative technologies such as AI increase their support point in the digital economy, it is essential to find ways to protect data privacy and mitigate risk.”
Because of this, a market has opened for the best personal data removal services, which can be a really powerful tool to help you scrub your employees safely by eliminating your information from data corridors.
If you are in the EU or the United Kingdom and you are protected by GDPR but you still want to completely disappear your personality online, we still have some tricks for you.
The first is to eliminate your social media accounts. As much as I can enjoy the displacement, the Cambridge Analytica scandal told us that the social networks platforms have been used to harvest their data and draw their personal relationships and personality, so if you really value your privacy, social ones have to go .
Once they have gone, you must travel your other accounts. Innocuous accounts as purchasing sites or dating profiles will probably monitor their purchases or sell their demographic information, so it is also key. An excellent advice is to search in your entrance tray to 'register' or related phrases to obtain a reasonably precise list to work.
In the future, remaining anonymous online will be much easier with a virtual private network (VPN). This essentially encrypts its Internet traffic so that its navigation history is not recorded and hides its IP address, so that its location cannot be shared. We have listed the best VPN services to stay safe.
