Sunday, June 15, 2025
HomeHacksAccuWeather found Sending User Location Details Even if Location Sharing Turned Off

AccuWeather found Sending User Location Details Even if Location Sharing Turned Off

Published on

SIEM as a Service

Follow Us on Google News

Security researcher Will Strafach identified that famous Weather App AccuWeather sending geolocation data to third party data mining firm.

He intercepted the traffic with the latest version of AccuWeather from his iPhone and it appears Wi-Fi router name and its unique MAC address to the servers of data monetization even if the App not permitted for sharing location OR even when the user has switched off location sharing.

Also Read Israeli company that can hack any iPhone

- Advertisement - Google News

If you don’t provide permission to access GPS information, still it can manage to send your Wi-Fi router name and BSSID to Revealmobile, and they have access to less precise location data relating to your device’s whereabouts says Strafach.

https://twitter.com/chronic/status/899773823532380160

At the point when the location is empowered, it sends the down-to-the-meter exact directions of the client, including pace and latitude, back to the data mining firm.Says ZDNet.

ZDNet finds that data mining firm isn’t an immediate publicizer however instead helps give data to advertisers.Reveal in a brochure says that it turns the location data commencing of these apps into what it claims to be “meaningful audience knowledge.”

Also read  Unlock iPhone with Siri – Without password

Reveal has stated that the SDK could be misconstrued, and they assure that no reverse engineering of locations was ever conducted by any information they gathered, nor was that the intent.

“In the future, AccuWeather plans to use data through Reveal Mobile for audience segmentation and analysis, to build a greater audience understanding and create more contextually relevant and helpful experiences for users and for advertisers,” said David Mitchell, AccuWeather’s executive vice president of emerging platforms, on the call with ZDNet.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Kali Linux 2025.2 Released: New Tools, Smartwatch and Car Hacking Added

Kali Linux, the preferred distribution for security professionals, has launched its second major release...

Arsen Launches AI-Powered Vishing Simulation to Help Organizations Combat Voice Phishing at Scale

Arsen, the cybersecurity startup known for defending organizations against social engineering threats, has announced...

NIST Releases New Guide – 19 Strategies for Building Zero Trust Architectures

The National Institute of Standards and Technology (NIST) has released groundbreaking guidance to help...

Spring Framework Flaw Enables Remote File Disclosure via “Content‑Disposition” Header

A medium-severity reflected file download (RFD) vulnerability (CVE-2025-41234) in VMware's Spring Framework has been...

Credential Abuse: 15-Min Attack Simulation

Credential Abuse Unmasked

Credential abuse is #1 attack vector in web and API breaches today (Verizon DBIR 2025). Join our live, 15-min attack simulation with Karthik Krishnamoorthy (CTO - Indusface) and Phani Deepak Akella (VP of Marketing - Indusface) to see hackers move from first probe to full account takeover.

Discussion points


Username & email enumeration – how a stray status-code reveals valid accounts.
Password spraying – low-and-slow guesses that evade basic lockouts.
Credential stuffing – lightning-fast reuse of breach combos at scale.
MFA / session-token bypass – sliding past second factors with stolen cookies.

More like this

Volkswagen Car Hack Exposes Owner’s Personal Data and Service Records

Tech-savvy Volkswagen owner has uncovered critical security flaws in the My Volkswagen app that...

North Korean Hacker Tries to Infiltrate Kraken Through Job Application

Leading cryptocurrency exchange Kraken has disclosed that it recently thwarted an infiltration attempt by...

Gain Legends International Suffers Security Breach – Customers Data Stolen

Gain Legends International, a prominent name in sports, entertainment, and venue management, has confirmed...