Massive Data Leak Exposes Life360 Users' Personal Information
A significant data breach has compromised the personal information of almost 500,000 Life360 users, which has now surfaced on the dark web.
Recently, a hacker using the alias ‘emo’ shared a database on an underground forum containing the emails, phone numbers, and full names of 442,519 users. The hacker acknowledged that they were not responsible for the initial breach.
“Shoutout to the original person who breached the site,” the hacker noted in their post.
Details of the Breach
According to BleepingComputer, the breach occurred in March 2024 due to a vulnerability in Life360’s login API. The leaked data has been confirmed to be accurate.
The hacker explained that the vulnerability allowed unauthorized access to users' first names and phone numbers. For verified phone numbers, the system would display partially obscured numbers, such as +1******4830.
Life360 has since patched the vulnerability, updating the API to return placeholder numbers instead of real phone details.
About Life360
Life360 is a popular app designed for family coordination, offering features like real-time location sharing, geofencing, and safety alerts. It is available on both Android and iOS, helping users monitor their family members' locations and movements.
Ongoing Security Concerns
This breach adds to Life360’s recent security issues. The company had earlier reported an extortion attempt where hackers compromised a Tile customer support platform, stealing sensitive information including names, addresses, email addresses, phone numbers, and device IDs.
