Car Tracking Device Data Exposed–Linked to Amazon S3 Bucket

So much has been in the news about device data breaches tied to consumer personal information that it is hard to imagine another vulnerability that has just been discovered. This one centers on data captured by a vehicle tracking system offered by SVR Tracking. SVR tracking devices are installed on customer’s vehicles, so they can be monitored around-the-clock just in case their vehicle is towed or stolen.

The Kromtech Security Center found the data vulnerability. Whereby, half a million records were publicly accessible through an unsecured Amazon S3 bucket (a cloud computing storage product). The car tracking device exposed email addresses and passwords, as well as some license plates and vehicle identification numbers (VIN) for 540,000 accounts.

Besides the fear of personal information getting into the wrong hands, this vehicle tracking data breach carries another fear: cyber criminals finding out where a car is by logging into the SVR tracking app using info that was publicly available online and doing harm to passengers or the car.

If you or someone you know have an SVR tracking device installed on your vehile, please contact us now. Our consumer protection attorneys are happy to discuss a potential class-action lawsuit.