LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

What did the 2025 Gravy Analytics breach reveal about the risks of location data held by data brokers?

A data broker holding precise location histories from thousands of apps was breached, exposing where millions of people had physically been.

Gravy Analytics (a subsidiary of Unacast) aggregated location data harvested from everyday apps — Tinder, Grindr, AccuWeather, Candy Crush, Flightradar24 and thousands more. When its cloud storage was accessed without authorization, the leaked traces could link individuals to sensitive places: places of worship, medical clinics, political events, and private homes.

Two takeaways:

  • Location is uniquely revealing. Where you go discloses your religion, health, relationships, and politics — even if no "name" field is attached.
  • The data broker layer multiplies risk. You may trust one app, but its SDK can quietly ship your coordinates to brokers who pool everyone's data into one juicy target.

Tip: Four location points are enough to uniquely identify ~95% of people (de Montjoye et al., 2013). Location is essentially a built-in fingerprint.

Go deeper:

From Quiz: PRIVACY / Data Anonymization — k-Anonymity, l-Diversity & Re-identification | Updated: Jul 05, 2026