Website flaw exposes real-time locations of US cellphones

A security researcher says a website flaw at a U.S. company could have allowed anyone to pinpoint the location of nearly any cellphone in the United States.

The lapse at LocationSmart, a company that gathers real-time data on cellular wireless devices, is the latest to highlight how little protection consumers have from trafficking in data about their location. LocationSmart says it has access to data on 95 percent of U.S. wireless subscribers.

The case was first reported by independent journalist Brian Krebs.

Carnegie Mellon researcher Robert Xiao says LocationSmart took the flawed webpage offline Thursday, a day after he discovered the flaw and notified the company. LocationSmart did not immediately respond to requests for comment.