“In the case of Securus Technologies, as soon as we determined that Securus was accessing location information for unauthorized purposes, we immediately blocked Securus’s access to customer location information through our vendor LocationSmart,” the letter from Verizon reads.LocationSmart is the company that provided geolocation data to Securus. Shortly after the Times piece, security journalist Brian Krebs as well as ZDNet reported that LocationSmart’s website was open to a serious vulnerability, where anyone could look up the real-time location of nearly any phone in the United States, for free, without any authorization.Got a tip? You can contact this reporter securely on Signal on +44 20 8133 5190, OTR chat on jfcox@jabber.ccc.de, or email joseph.cox@vice.com.
Get six of our favorite Motherboard stories every day by signing up for our newsletter."Securus Technologies takes privacy and security extremely seriously and we are supportive of efforts to ensure individual data is protected. Under our contract with a third party that accesses location data from LocationSmart, Securus is authorized to provide law enforcement and correctional officials the approximate location of a mobile telephone, based on either consent by the called party or lawful process such as a search warrant or affidavit. Securus adheres to the terms of our contract and requires customers to acquire all legal approvals needed to access an individual’s location. This information has been successfully used to locate missing children and adults suffering from dementia, as well preventing a planned escape attempt before it could be carried out. We believe that ending the ability of law enforcement to use these critical tools will hurt public safety and put Americans at risk."