In this episode, we discuss the latest issues with data brokers, focusing on a breach at Gravy Analytics that leaked 30 million location data points online. We also explore a vulnerability in Subaru’s Starlink system that allows unrestricted access to vehicle controls and customer data using just a last name and license plate number. Co-host Kevin Johnson joins the discussion to share insights and emphasize the need for stronger privacy regulations.

** Links mentioned on the show **

Data broker Gravy Analytics confirms a data breach after a hacker leaked millions of location records
https://techcrunch.com/2025/01/13/gravy-analytics-data-broker-breach-trove-of-location-data-threatens-privacy-millions/

Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel
https://samcurry.net/hacking-subaru

** Watch this episode on YouTube **

** Become a Shared Security Supporter **

Get exclusive access to ad-free episodes, bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Support the show for as little as $3! Become a supporter today! https://patreon.com/SharedSecurity

** Thank you to our sponsors! **

SLNT

Visit slnt.com to check out SLNT’s amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code “sharedsecurity”.

Click Armor

To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity

** Subscribe and follow the podcast **

Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast

Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/

Watch and Subscribe on Odysee (YouTube alternative)
https://odysee.com/@SharedSecurity:c

Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social

Follow us on Mastodon: https://infosec.exchange/@sharedsecurity

Visit our website: https://sharedsecurity.net

Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe

Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe

Leave us a rating and review: https://ratethispodcast.com/sharedsecurity

Contact us: https://sharedsecurity.net/contact

The post Gravy Analytics Breach, Subaru Starlink Vulnerability Exposed appeared first on Shared Security Podcast.

*** This is a Security Bloggers Network syndicated blog from Shared Security Podcast authored by Tom Eston. Read the original post at: https://sharedsecurity.net/2025/01/27/gravy-analytics-breach-subaru-starlink-vulnerability-exposed/

January 27, 2025January 27, 2025 Tom Eston 30 Million Data Points, Cyber Security, cyber threat, Cybersecurity, Data Broker, Data Privacy, Data Regulation, Digital Privacy, Episodes, Gravy Analytics, Gravy Analytics Breach, Information Security, Infosec, Location Data Leak, Personal Data Auction, Podcast, Podcasts, Privacy, Privacy Legislation, Real-Time Bidding, security, Smart Cars Security, Subaru, Subaru Starlink Vulnerability, Subaru Vehicle Controls, technology, Vehicle Hacking, Vulnerability Exploitation, Weekly Edition