Tile customer data stolen by hacker in serious breach — what to do now

A Tile tracker in hand
(Image credit: Tom's Guide)

Life360 has confirmed that its subsidiary Tile has fallen victim to a data breach after a hacker recently gained access to the systems of the maker of Bluetooth-based key finders.

As reported by The Verge, the lone hacker responsible used stolen employee credentials to access Tile customer data including names, addresses, emails and phone numbers. 

The story itself was initially revealed by 404 Media which had direct contact with the hacker. According to the conversation the outlet had with the hacker, the now exposed customer information came from a database used to help identify owners of specific Tile trackers

In a statement, Life360 CEO Chris Hulls has provided further insight on the breach explaining that Tile’s parent company “recently became the victim of a criminal extortion attempt.” Apparently, the hacker emailed the company saying they had Tile customer information in their possession and tried to negotiate a ransom payment for it.

After this, Life360 conducted an investigation which led to it finding that a Tile customer support platform was accessed by an unauthorized person. This is where the customer information was stolen from, but fortunately, sensitive information like credit card numbers, passwords or location data wasn’t stolen as this particular support platform didn’t contain that type of data.

At this time, Life360 believes that the data breach was limited to that specific Tile customer support platform and was not more widespread. 

In a statement to Tom's Guide via email, a Life360 spokesperson explained that the support platform is for internal use only and is used as part of a multi-phased process for initiating law enforcement data requests (404 Media initially reported that it was intended for law enforcement).  They also explained that "Life360 maintains multiple layers of automated and human-intervention prior to responding to a law enforcement request for Tile user data. We have also challenged the legal sufficiency of warrants where appropriate."

Tile data breach: what to do now

An open lock depicting a data breach

(Image credit: Shutterstock)

Normally when we report on a data breach, it’s after the company in question has reported what happened to the authorities in the form of a data breach notification letter. In addition to how many customers are affected, these letters often include how the affected company will make things right with its customers.

From providing free access to the best identity theft protection services to offering free credit monitoring, there’s quite a lot a company can do after a data breach to restore trust with its customers. In this case though, it’s still too early to tell and we don’t know whether or not this is a widespread problem or isolated only to a small number of Tile customers.

As such, for the time being, it’s going to be up to you to take the necessary precautions to stay safe from any fallout after this data breach. Since we do know that names, addresses, emails and phone numbers were exposed, other cybercriminals could use this stolen data to launch targeted phishing attacks. For this reason, you need to be extra careful when checking your inbox or even when checking your mailbox in person.

Hackers can send you malicious emails that contain dangerous malware or they could even ship you a USB flash drive with malware pre-installed on it. Fortunately though, they won’t be able to steal your identity as the Social Security numbers of Tile customers weren’t exposed in this breach.

As Tile users ourselves, we will be following this story closely and we’ll keep you updated once we know more.

More from Tom's Guide

TOPICS
Anthony Spadafora
Managing Editor Security and Home Office

Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Read more
A picture showing different credit cards stacked on top of each other on a table
5 million Americans just had their credit card details leaked online — what to do now
An open lock depicting a data breach
Thousands including children exposed in major data breach — names, addresses, Social Security numbers and more accessed by hackers
An open lock depicting a data breach
Massive healthcare data breach just exposed the personal info of 1 million Americans — what to do now
A hacker typing quickly on a keyboard
Half a million medical patients just had their addresses, dates of birth, SSNs and more stolen by hackers — how to stay safe
An open lock depicting a data breach
3.5 million hit in major law firm data breach — full names, SSNs, dates of birth, addresses and more exposed
Globe Life insurance company logo on a cell phone in front of a monitor display the About page for the company. Shadowy hand holds the phone.
850,000 people exposed in massive insurance data breach — full names, dates of birth and SSNs
Latest in Online Security
An image of a CAPTCHA
Hackers are using reCAPTCHA to trick users into infecting their own PCs with malware — how to stay safe
A smartphone screen displaying the Android name and logo next to a sign reading 'MALWARE'.
Fake Google Play Store pages are spreading Trojan malware that can steal your financial data
Best antivirus software
How does antivirus software work
and image of the Google Chrome logo on a laptop
Google Chrome at risk from shape-shifting browser extensions — how to stay safe
Green skull on smartphone screen.
Over 1 million Android devices infected with password-stealing, pre-installed botnet malware — how to stay safe
Android 12
Google March Android Security Update fixes two high severity vulnerabilities — update now
Latest in News
Nintendo Switch 2 promo image
Nintendo Switch 2 patent hints at a major improvement — and it could be the reason for the mysterious “C” button
Cruel Intentions on Prime Video
Amazon cancels 'Cruel Intentions' after one season on Prime Video
(L-R) Adeline Rudolph and Jack Kesy in "Hellboy: The Crooked Man" (2024).
Hulu top 10 movies — here's what you need to be watching right now
How to tour the Super Bowl stadium virtually with Google Maps
Google Maps glitch is purging Timeline data — what we know
The iPhone 17 Air next to an iPhone 16 Pro Max
iPhone 17 Air could be this thin — new photo vs iPhone 16 Pro Max
Galaxy Z Fold 6 shown in hand
Samsung Galaxy Z Fold 6 just got these major upgrades with One UI 7