Hackers Access Tile's Internal Tracking Tools, Customer Data

by

Tile, known for its Bluetooth tracking devices, was recently hacked, according to a report from 404 Media. A hacker was able to gain access to Tile's internal tools that are used for processing location data requests for law enforcement officers, and that gave the hacker customer names, addresses, email addresses, and phone numbers.

tile sticker feature
Data breaches are not uncommon these days, but Tile was not forthcoming about the attack and did not mention it until being contacted by 404 Media. The site learned about the breach from the hacker. Tile parent company Life360 published a statement about the attack on its website after being prompted to do so by 404 Media.

Similar to many other companies, Life360 recently became the victim of a criminal extortion attempt. We received emails from an unknown actor claiming to possess Tile customer information. We promptly initiated an investigation into the potential incident and detected unauthorized access to a Tile customer support platform (but not our Tile service platform). The potentially impacted data consists of information such as names, addresses, email addresses, phone numbers, and Tile device identification numbers. It does not include more sensitive information, such as credit card numbers, passwords or log-in credentials, location data, or government-issued identification numbers, because the Tile customer support platform did not contain these information types.

We believe this incident was limited to the specific Tile customer support data described above and is not more widespread. We take this event and the security of customer information seriously. We have taken and will continue to take steps designed to further protect our systems from bad actors, and we have reported this event and the extortion attempt to law enforcement. We remain committed to keeping families safe online and in the real world.

While no location information was obtained, the incident is alarming because of the nature of the tool that the hacker was able to access. The hacker was able to get into Tile's system using credentials from a former Tile employee, and was able to get into a tool that could be used to look up Tile customers by phone number. Part of that tool allowed for searching location history.

Tile told 404 Media that the hacker would not have been able to access location data from the platform that was attacked, but did not confirm whether the hacker had the appropriate authentication to perform a location request once the internal tool was accessed.

Tile is one of Apple's main competitors in the item tracking space, with Tile's trackers available as an alternative to Apple's AirTags.

Popular Stories

iPhone SE 4 Vertical Camera Feature

iPhone SE 4 Rumored to Use Same Rear Chassis as iPhone 16

Friday July 19, 2024 7:16 am PDT by
Apple will adopt the same rear chassis manufacturing process for the iPhone SE 4 that it is using for the upcoming standard iPhone 16, claims a new rumor coming out of China. According to the Weibo-based leaker "Fixed Focus Digital," the backplate manufacturing process for the iPhone SE 4 is "exactly the same" as the standard model in Apple's upcoming iPhone 16 lineup, which is expected to...
Read Full Article132 comments
iPhone 16 Pro Sizes Feature

iPhone 16 Series Is Just Two Months Away: Everything We Know

Monday July 15, 2024 4:44 am PDT by
Apple typically releases its new iPhone series around mid-September, which means we are about two months out from the launch of the iPhone 16. Like the iPhone 15 series, this year's lineup is expected to stick with four models – iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max – although there are plenty of design differences and new features to take into account. To bring ...
Read Full Article129 comments
iphone 14 lineup

Cellebrite Unable to Unlock iPhones on iOS 17.4 or Later, Leak Reveals

Thursday July 18, 2024 4:18 am PDT by
Israel-based mobile forensics company Cellebrite is unable to unlock iPhones running iOS 17.4 or later, according to leaked documents verified by 404 Media. The documents provide a rare glimpse into the capabilities of the company's mobile forensics tools and highlight the ongoing security improvements in Apple's latest devices. The leaked "Cellebrite iOS Support Matrix" obtained by 404 Media...
Read Full Article66 comments
tinypod apple watch

TinyPod Turns Your Apple Watch Into an iPod

Wednesday July 17, 2024 3:18 pm PDT by
If you have an old Apple Watch and you're not sure what to do with it, a new product called TinyPod might be the answer. Priced at $79, the TinyPod is a silicone case with a built-in scroll wheel that houses the Apple Watch chassis. When an Apple Watch is placed inside the TinyPod, the click wheel on the case is able to be used to scroll through the Apple Watch interface. The feature works...
Read Full Article133 comments
bsod

Crowdstrike Says Global IT Outage Impacting Windows PCs, But Mac and Linux Hosts Not Affected

Friday July 19, 2024 3:12 am PDT by
A widespread system failure is currently affecting numerous Windows devices globally, causing critical boot failures across various industries, including banks, rail networks, airlines, retailers, broadcasters, healthcare, and many more sectors. The issue, manifesting as a Blue Screen of Death (BSOD), is preventing computers from starting up properly and forcing them into continuous recovery...
Read Full Article474 comments
New MacBook Pros Launching Tomorrow With These 4 New Features 2

M5 MacBook Models to Use New Compact Camera Module in 2025

Wednesday July 17, 2024 2:58 am PDT by
Apple in 2025 will take on a new compact camera module (CCM) supplier for future MacBook models powered by its next-generation M5 chip, according to Apple analyst Ming-Chi Kuo. Writing in his latest investor note on unny-opticals-2025-business-momentum-to-benefit-509819818c2a">Medium, Kuo said Apple will turn to Sunny Optical for the CCM in its M5 MacBooks. The Chinese optical lens company...
Read Full Article112 comments

Top Rated Comments

jz0309 Avatar
jz0309
6 weeks ago

Using credentials of a former employees is not hacking. Tile was the victim of a data breach.
Well, not disabling access of the account of a former employee to me means that that company doesn’t understand security, plain and simple
Score: 48 Votes (Like | Disagree)
Apple_Robert Avatar
Apple_Robert
6 weeks ago
Using credentials of a former employees is not hacking. Tile was the victim of a data breach.
Score: 32 Votes (Like | Disagree)
hieranonymous Avatar
hieranonymous
6 weeks ago
Meanwhile Tile has been complaining Apple doesn’t give it higher-level system access.
Score: 29 Votes (Like | Disagree)
Apple_Robert Avatar
Apple_Robert
6 weeks ago

Well, not disabling access of the account of a former employee to me means that that company doesn’t understand security, plain and simple
I agree. It sounds like several people at Tile failed to do their job. No excuse for this kind of elementary data breach to have occurred not to mention having to be told about the data breach. Whomever is in charge of security need to be fired.
Score: 15 Votes (Like | Disagree)
Kierkegaarden Avatar
Kierkegaarden
6 weeks ago
So “no location data was obtained” — but at the same time the hackers accessed customer names, addresses, emails, and phone numbers? Is this supposed to calm customers? I would never use this product.
Score: 14 Votes (Like | Disagree)
drumcat Avatar
drumcat
6 weeks ago
Tile lost my business with their insistence on sealed batteries. Adios, Tile. Too late now.`
Score: 12 Votes (Like | Disagree)
Read All Comments