Cyber Incident Victim: Life360

In June 2024, Life360 disclosed an unauthorized access incident affecting its Tile customer support platform following a criminal extortion attempt. An unknown actor contacted the company via email claiming possession of Tile customer information, prompting an immediate investigation. The investigation confirmed unauthorized access to Tile’s customer support systems, though the core Tile service platform remained uncompromised. Exposed data included customer names, physical addresses, email addresses, phone numbers, and Tile device identification numbers. The breach did not involve credit card information, account passwords, login credentials, location history, or government-issued ID numbers, as these data types were not stored on the affected customer support platform. Life360 assessed the incident as limited to the specific support platform dataset and found no evidence of broader system compromise. The attacker’s method of gaining access was not detailed in the disclosure.

Life360 reported the breach and extortion attempt to law enforcement and implemented security measures to protect its systems from further unauthorized access. The company emphasized ongoing efforts to enhance system protections but did not specify technical remediation steps or a timeline for the incident’s discovery and containment. No evidence suggested misuse of the exposed data, though the extortion attempt indicated potential malicious intent. CEO Chris Hulls reaffirmed Life360’s commitment to customer safety but did not announce individual notifications or identity protection services for affected users. The incident highlighted risks associated with customer support infrastructure while underscoring the absence of high-sensitivity data in the compromised environment.