Company used by police, prisons to find any mobile device breached (again)


Enlarge / Usernames, passwords, emails, and phone numbers of thousands of users of a system designed to investigate prisoners’ phone calls were allegedly exposed in a hack, details leaked to Motherboard suggest. (credit: Securus Technologies)

Securus Technologies—the company that provides a geolocation service used for cell phone tracking by law enforcement agencies—has been hacked, exposing the usernames and weakly protected passwords of thousands of customers. The person claiming to be responsible for the breach provided some of the data to Motherboard’s Joseph Cox, along with an explanation of how it was obtained. Securus has not confirmed the breach.

Securus, which offers phone services for prisons, began offering location-based tracking to help prisons track where inmates’ calls were actually going to. This allowed prisons to “geofence” areas “associated with illegal activity,” as a redacted Securus brochure posted online by the Electronic Frontier Foundation shows. But that same service can be used to show the location of mobile phones on a map. The service, called GeoLoc, “provides the approximate location of the cellular device being called at both the beginning and the end of the call,” the Securus marketing material states.

But the data Securus uses for GeoLoc can also be used for other purposes—including tracking the location of virtually any cell phone. A Web-based application from Securus, called Securus Call Platform, allows law enforcement officers to log in from a browser and run searches for mobile devices without requiring an outbound call.

Read 3 remaining paragraphs | Comments

Posted on: May 16, 2018, by : techno

Leave a Reply

Your email address will not be published. Required fields are marked *