Life360 reports data breach of Tile tracking platform
Learn More
Life360, the provider of real-time location tracking, crash detection, and emergency roadside assistance services to over 66 million people globally is reporting an extortion attempt following a data breach affecting its subsidiary, Tile.
In December 2021, Life360 acquired Tile, a Bluetooth tracking service provider, for $205 million.
The breach is believed to have been facilitated using stolen credentials from a former Tile employee, allowing the attacker to send millions of requests to scrape data without detection. The attacker claims extensive access to multiple Tile systems, some of which could potentially be used to locate Tile customers or manipulate user accounts and device ownership.
The breach involved unauthorized access to a Tile customer support platform, where a threat actor extracted sensitive data including:
- Names
- Addresses
- Email addresses
- Phone numbers
- Device identification numbers
Life360's CEO, Chris Hulls, claims that that more sensitive information such as credit card numbers, passwords, login credentials, location data, and government-issued IDs were not compromised, as they were not stored on the affected platform. Life360 asserts that the incident was confined to the specific Tile customer support data and not more widespread.
Life360 has reported the extortion attempt to law enforcement and implemented measures to safeguard its systems. However, the company has not disclosed the number of affected customers or the exact timeline of the breach.
