Hacker claims breach at Gravy Analytics data firm

A hacker claims to have stolen 1.4 gigabytes of data from Gravy Analytics.

Gravy Analytics reportedly had 1.4 gigabytes of data stolen by a hacker.

A hacker claims to have breached US location tracking company Gravy Analytics, leaking around 1.4 gigabytes of data. The allegation, shared on a Russian-language cybercriminal forum, included screenshots suggesting a data theft. Verification attempts were complicated as Gravy’s website remained offline and the company did not respond to messages.

Cybersecurity experts reviewing the leaked data found the breach credible. Marley Smith from RedSense and John Hammond from Huntress both confirmed the data appeared legitimate, though the hacker’s identity remains unclear.

Gravy was previously involved in a crackdown by President Biden’s administration targeting data brokers collecting sensitive location data without proper consent. The Federal Trade Commission (FTC) settled with Gravy and Mobilewalla in December over allegations of deceptive data practices.

The FTC expressed concerns that such data could be misused for stalking, blackmail, and espionage but declined to comment on the breach. FTC Chair Lina Khan recently warned that targeted advertising practices leave sensitive data highly vulnerable.