Hackers have made a new victim: Life360, manufacturer of Bluetooth Tile beacons, which allow you to locate objects. By obtaining the login data of a former employee, a hacker managed to access a customer support platform of the company, reports 404 Media, which was able to speak with the author of the attack. He thus accessed internal tools making it possible, in particular, to process data requests submitted by law enforcement or to transfer ownership of a tag to another email address. This allowed it to collect personal information from users of these products. Names, addresses, email addresses, phone numbers and Tile device ID numbers were compromised, the company confirmed. The company, which claims 20 million users of its Bluetooth beacons, however, did not give details on the number of customers affected, nor on the date of the hack.
“Basically, I had access to everything,” the hacker said in an online conversation with 404 Media, which verified his claims. He claimed to have demanded a ransom from Tile, but received no response.
In a statement, Chris Hulls, boss of Tile, assured that credit card numbers, passwords, login credentials, location data and government-issued identification numbers are not part of the data siphoned by the hacker. The customer support platform did not contain these types of information, it says. “We have taken and will continue to take steps to better protect our systems from bad actors, and we have reported this event and the extortion attempt to law enforcement,” he added.
