A new data breach has just been made public. And that’s not good news for iPhone and Android users of popular smartphone apps, ranging from Candy Crush to MyFitnessPal.
Precise location of hacked data
The breach affected Gravy Analytics, a location data company that captures the location information of millions of users around the world who use a wide variety of well-known apps. It was first reported by 404 Media.
TechCrunch explains how this information is used in an auction to determine who can show an ad on your device:
During this near-instant auction, all bidding advertisers can see certain information about your device, such as manufacturer and model type, its IP addresses (which can be used to infer a person’s approximate location) and, in some cases, more precise location data if the app user consents to it, as well as other technical factors that help determine which ad a user will be shown.
It’s unclear how widespread the breach is and how many user locations were leaked.
Some good news for iPhone and Android users
Although the breach seems significant, there are now ways to protect yourself on an iPhone or Android device.
On an iPhone, when you first open a newly downloaded app, some apps display a dialog box asking you to track your activity. If you selected Ask the app not to track, your location is not accessible to data brokers like Gravy Analytics.
To make sure iPhone apps can’t track you, go to Settings > Privacy & Security > Tracking. Make sure to disable Allow apps to request tracking. This will automatically deny all tracking requests from apps.
On Android, try accessing Privacy > Announcements. Check if you can delete your advertising ID.
Online advertising is everywhere. There are several effective ways to avoid targeted ads when shopping from your computer.
