Engadget: US carriers say they’ve stopped selling location data. “You might not have to worry quite so much about carriers selling your phone location data to less-than-diligent third parties. AT&T, Sprint, T-Mobile and Verizon (Engadget’s parent company) have provided responses to FCC Commissioner Jessica Rosenworcel’s request for an update on the practice, with all four saying they’d halted sales to aggregators sometime after promising to do so back in June 2018. “
Ars Technica: Refunds for 300 million phone users sought in lawsuits over location-data sales. “The four major US wireless carriers are facing proposed class-action lawsuits accusing them of violating federal law by selling their customers’ real-time location data to third parties. The complaints seeking class action status and financial damages were filed last week against AT&T, Verizon, T-Mobile, and Sprint in US District Court for the District of Maryland.”
Motherboard: Hundreds of Bounty Hunters Had Access to AT&T, T-Mobile, and Sprint Customer Location Data for Years. “Around 250 bounty hunters and related businesses had access to AT&T, T-Mobile, and Sprint customer location data, with one bail bond firm using the phone location service more than 18,000 times, and others using it thousands or tens of thousands of times, according to internal documents obtained by Motherboard from a company called CerCareOne, a now-defunct location data seller that operated until 2017. The documents list not only the companies that had access to the data, but specific phone numbers that were pinged by those companies.”
The Register: AT&T, Sprint, Verizon, T-Mobile US pledge, again, to not sell your location to shady geezers. Sorry, we don’t believe them. “US cellphone networks have promised – again – that they will stop selling records of their subscribers’ whereabouts to anyone willing to cough up cash.” I don’t believe them either.
Motherboard: I Gave a Bounty Hunter $300. Then He Located Our Phone. “T-Mobile, Sprint, and AT&T are selling access to their customers’ location data, and that data is ending up in the hands of bounty hunters and others not authorized to possess it, letting them track most phones in the country.”
TechCrunch: Weak passwords let a hacker access internal Sprint staff portal . “It’s not been a great week for cell carriers. EE was hit with two security bugs and T-Mobile admitted a data breach. Now, Sprint is the latest phone giant to admit a security lapse, TechCrunch has learned.”