Hackers Access Tile's Internal Tracking Tools, Customer Data

Tile, known for its Bluetooth tracking devices, was recently hacked, according to a report from 404 Media. A hacker was able to gain access to Tile's internal tools that are used for processing location data requests for law enforcement officers, and that gave the hacker customer names, addresses, email addresses, and phone numbers.

tile sticker feature
Data breaches are not uncommon these days, but Tile was not forthcoming about the attack and did not mention it until being contacted by 404 Media. The site learned about the breach from the hacker. Tile parent company Life360 published a statement about the attack on its website after being prompted to do so by 404 Media.

Similar to many other companies, Life360 recently became the victim of a criminal extortion attempt. We received emails from an unknown actor claiming to possess Tile customer information. We promptly initiated an investigation into the potential incident and detected unauthorized access to a Tile customer support platform (but not our Tile service platform). The potentially impacted data consists of information such as names, addresses, email addresses, phone numbers, and Tile device identification numbers. It does not include more sensitive information, such as credit card numbers, passwords or log-in credentials, location data, or government-issued identification numbers, because the Tile customer support platform did not contain these information types.

We believe this incident was limited to the specific Tile customer support data described above and is not more widespread. We take this event and the security of customer information seriously. We have taken and will continue to take steps designed to further protect our systems from bad actors, and we have reported this event and the extortion attempt to law enforcement. We remain committed to keeping families safe online and in the real world.

While no location information was obtained, the incident is alarming because of the nature of the tool that the hacker was able to access. The hacker was able to get into Tile's system using credentials from a former Tile employee, and was able to get into a tool that could be used to look up Tile customers by phone number. Part of that tool allowed for searching location history.

Tile told 404 Media that the hacker would not have been able to access location data from the platform that was attacked, but did not confirm whether the hacker had the appropriate authentication to perform a location request once the internal tool was accessed.

Tile is one of Apple's main competitors in the item tracking space, with Tile's trackers available as an alternative to Apple's AirTags.

Popular Stories

iPhone 16 Pro Sizes Feature

iPhone 16 Series Is Just Two Months Away: Everything We Know

Monday July 15, 2024 4:44 am PDT by
Apple typically releases its new iPhone series around mid-September, which means we are about two months out from the launch of the iPhone 16. Like the iPhone 15 series, this year's lineup is expected to stick with four models – iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max – although there are plenty of design differences and new features to take into account. To bring ...
Apple Watch Series 9

2024 Apple Watch Lineup: Key Changes We're Expecting

Tuesday July 16, 2024 7:59 am PDT by
Apple is seemingly planning a rework of the Apple Watch lineup for 2024, according to a range of reports from over the past year. Here's everything we know so far. Apple is expected to continue to offer three different Apple Watch models in five casing sizes, but the various display sizes will allegedly grow by up to 12% and the casings will get taller. Based on all of the latest rumors,...
iPhone 16 Pro Left Side Feature

iPhone 16 Pro Again Rumored to Come in New 'Rose' Color

Tuesday July 16, 2024 3:53 am PDT by
Apple's upcoming iPhone 16 Pro and iPhone 16 Pro Max will be available in a new "Rose" color, claims a rumor out of China, corroborating previous claims. Chinese Weibo-based leaker OvO Baby Sauce OvO, a relatively new source of supply chain leaks, said on Tuesday that the new color code for the iPhone 16 Pro models is simply "Rose," not the previous "Rose Gold" color that Apple first offered ...
New MacBook Pros Launching Tomorrow With These 4 New Features 2

M5 MacBook Models to Use New Compact Camera Module in 2025

Wednesday July 17, 2024 2:58 am PDT by
Apple in 2025 will take on a new compact camera module (CCM) supplier for future MacBook models powered by its next-generation M5 chip, according to Apple analyst Ming-Chi Kuo. Writing in his latest investor note on unny-opticals-2025-business-momentum-to-benefit-509819818c2a">Medium, Kuo said Apple will turn to Sunny Optical for the CCM in its M5 MacBooks. The Chinese optical lens company...
tinypod apple watch

TinyPod Turns Your Apple Watch Into an iPod

Wednesday July 17, 2024 3:18 pm PDT by
If you have an old Apple Watch and you're not sure what to do with it, a new product called TinyPod might be the answer. Priced at $79, the TinyPod is a silicone case with a built-in scroll wheel that houses the Apple Watch chassis. When an Apple Watch is placed inside the TinyPod, the click wheel on the case is able to be used to scroll through the Apple Watch interface. The feature works...
macbook pro january

Best Buy's Black Friday in July Sale Takes Up to $700 Off M3 MacBook Pro for Members

Monday July 15, 2024 11:05 am PDT by
Best Buy's "Black Friday in July" sale is in full swing today, and in addition to a few iPad Air discounts we shared earlier, there are also some steep markdowns on the M3 MacBook Pro. You will need a My Best Buy Plus or Total membership in order to get some of these deals. Note: MacRumors is an affiliate partner with Best Buy. When you click a link and make a purchase, we may receive a small...

Top Rated Comments

jz0309 Avatar
5 weeks ago

Using credentials of a former employees is not hacking. Tile was the victim of a data breach.
Well, not disabling access of the account of a former employee to me means that that company doesn’t understand security, plain and simple
Score: 48 Votes (Like | Disagree)
Apple_Robert Avatar
5 weeks ago
Using credentials of a former employees is not hacking. Tile was the victim of a data breach.
Score: 32 Votes (Like | Disagree)
hieranonymous Avatar
5 weeks ago
Meanwhile Tile has been complaining Apple doesn’t give it higher-level system access.
Score: 29 Votes (Like | Disagree)
Apple_Robert Avatar
5 weeks ago

Well, not disabling access of the account of a former employee to me means that that company doesn’t understand security, plain and simple
I agree. It sounds like several people at Tile failed to do their job. No excuse for this kind of elementary data breach to have occurred not to mention having to be told about the data breach. Whomever is in charge of security need to be fired.
Score: 15 Votes (Like | Disagree)
Kierkegaarden Avatar
5 weeks ago
So “no location data was obtained” — but at the same time the hackers accessed customer names, addresses, emails, and phone numbers? Is this supposed to calm customers? I would never use this product.
Score: 14 Votes (Like | Disagree)
drumcat Avatar
5 weeks ago
Tile lost my business with their insistence on sealed batteries. Adios, Tile. Too late now.`
Score: 12 Votes (Like | Disagree)