An unverified hacker alleges a successful data breach at Gravy Analytics, a U.S. location tracking firm, based on online screenshots of the claim.

The specifics of the breach remain unclear. Early Sunday, a Russian-language post and accompanying screenshots appeared on XSS, a website frequented by attention-seeking cybercriminals. The post asserted a successful hack of the company and the theft of substantial data.

Reuters was unable to immediately establish contact with the individual(s) behind the posts, initially reported by tech publication 404media.

Location intelligence company Unacast, which merged with Gravy in 2023, could not be reached for comment. Gravy’s website was offline Wednesday, and multiple messages were not answered. An individual encountered at Unacast’s modest office within an Ashburn, Virginia, coworking space declined to comment, citing lack of authorization.

Experts examining approximately 1.4 gigabytes of leaked data, appearing online concurrently with the hacking claim, believe the information originated from Gravy.

Marley Smith, principal threat researcher at cyber intelligence firm RedSense, affirmed, “It passes the smell test 100 percent.”

John Hammond of cybersecurity firm Huntress concurred.

“It all seems to point to it being legitimate,” he stated.

Gravy was among two companies targeted in a recent crackdown by the Biden administration on data brokers specializing in using cellular data to provide highly precise real-time location information on individuals.

This data can be utilized for targeted online advertising, government surveillance, and corporate tracking. The Federal Trade Commission (FTC) has voiced concerns about its potential misuse for stalking, blackmail, and espionage.

In December, the FTC announced settlements with Gravy and Mobilewalla, another data broker, alleging deceptive practices in collecting location data without proper consent.

The FTC declined to comment on the reported breach. FTC Chair Lina Khan previously stated, “the multi-billion-dollar industry built around targeted advertising may presently leave Americans’ sensitive data extraordinarily exposed.”