U.S. safety and location services firm Life360 had a database with the personal details of 442,519 individuals stolen in March through the exploitation of an unsecured login API leaked by the threat actor emo, who just exposed more than 15 million Trello email addresses earlier this week, reports BleepingComputer.
Included in the compromised information were customers' names, email addresses, and phone numbers, which have been verified to be legitimate by BleepingComputer amid a lack of comment from Life360, which already moved to fix the API endpoint issue. Such a development comes nearly a week after Life360 confirmed the theft of data from the users of its Tile app. Infiltration of Tile's customer support platform using an ex-employee's credentials enabled the compromise of customer names, phone numbers, home and email addresses, and device IDs, but not passwords, location information, credit card numbers, and government ID numbers that have not been stored in the platform.
