The technique highlights another gap in the security of telecom companies, and how they have, at times, exposed sensitive customer data to bounty hunters, stalkers, and other people not authorized to handle it. In some cases, scammers sought out so-called “E911” data intended for first responders, which is highly precise and can in some cases pinpoint a device’s location inside a building.
“So many people are doing that and the telcos have been very stupid about it. They have not done due diligence and called the police [departments] directly to verify the case or vet the identity of the person calling,” Valerie McGilvrey, a skiptracer who said she has bought phone location data from those who obtained access to it, told Motherboard. A skiptracer is someone tasked with finding out where people, typically fugitives on the run or those who owe a debt, are located.