Notebookcheck Logo

Tinder, Candy Crush, and Call of Duty: Mobile among apps targeted in alarming location data scandal

Collected data comes from a variety of sensitive areas, including religious apps, VPN services and pregnancy trackers. (Image source: Maël BALLAND on Unsplash)
Collected data comes from a variety of sensitive areas, including religious apps, VPN services and pregnancy trackers. (Image source: Maël BALLAND on Unsplash)
Leaked data shows apps like Tinder and Candy Crush were involved in massive location data exploitation through ad networks. Sensitive user info was collected and sold, and this raises major privacy and security concerns.

A recent investigation reveals the widespread misuse of mobile location data collected through the online advertising ecosystem. Sensitive information from popular apps like Tinder, Candy Crush, Call of Duty: Mobile and Subway Surfers has allegedly been harvested and sold to companies, including Gravy Analytics, whose subsidiary has previously sold location data to U.S. law enforcement agencies. The findings point towards the systemic vulnerabilities in real-time bidding (RTB) processes - a method used to place ads but exploited for mass data collection.

Hacked files from Gravy Analytics indicate that data from thousands of apps across Android and iOS devices were collected. Much of this data likely originates from advertising networks rather than app developers themselves. According to Zach Edwards, a cybersecurity expert, this data collection occurs "not through code embedded into the apps but from the online advertising bid stream."

One of the most concerning revelations is that the collected data spans sensitive areas, including religious apps, VPN services and even pregnancy trackers. This extends to apps like MyFitnessPal and My Period Calendar, which handle personal and health-related information. Such data collection often occurs without the knowledge or consent of app developers or users.

Gravy Analytics has straight up denied involvement in some claims, shifting responsibility to its partners. However, the investigation also sheds light on how rogue actors and data brokers exploit the RTB ecosystem to gain access to location data. This includes cases where data brokers accessed user locations via ads, even from apps that publicly and explicitly claim they do not share such information.

Experts warn that without stricter oversight, such practices pose major privacy risks, as location data can be weaponized for surveillance or commercial exploitation.

Source(s)

Read all 2 comments / answer
static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
Mail Logo
> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2025 01 > Tinder, Candy Crush, and Call of Duty: Mobile among apps targeted in alarming location data scandal
Anubhav Sharma, 2025-01-10 (Update: 2025-01-10)