Phone data-leak company: No record of location-data abuse

A California company confirmed that a flaw in its website allowed outsiders to pinpoint the location of mobile phones in the United States without authorization.

But LocationSmart, which gathers real-time data on cellular wireless devices, says it has no evidence that anyone exploited the vulnerability before May 16, when a security researcher at Carnegie Mellon discovered it.

Brenda Schafer, a LocationSmart vice president, said via email Friday that the company is still seeking to verify that no location data was accessed without individual subscribers' consent. She did not respond to questions about LocationSmart's business practices or how long the flaw had...