LocationSmart, a service that identifies real-time locations of AT&T, Sprint, and Verizon smart phones up to a hundred yards in proximity, has been exposed by security researchers due to a free trial exploitation.
In order to gain access to the free trial demo, a prospective user would enter their name, email address, and phone number. LocationSmart would then message the user asking for permission to locate their mobile device, utilizing the closest cellular network tower.
It was then that Security researcher, Robert Xiao figured out that practically anyone with web development experience could expose the LocationSmart demo site in order to gain access to mobile phone locations without having to supply a password or login credentials.
Fortunately for LocationSmart, Krebs and Robert Xiao of Carnegie Mellon University were able to address this vulnerability before their users could be exploited by cybercriminals (or so we know). Equipping a Cyber Insurance policy would protect SmartLocation or any business in the event they would have been hacked.
Evolve MGA offers cyber liability insurance that covers policyholders in the event their cloud data is hacked. If you’re interested in protecting your business with cyber coverage, head over to our website for a free cyber quote!
If you’d like to read more about LocationSmart, click here.