AccuWeather, a popular climate and forecast app for iOS, has been caught sharing the private location information of its users with revealmobile .com, a data monetization company.

Will Strafach, writing on Medium:

The AccuWeather application for iOS requests location access under the premise of providing users localized severe weather alerts, critical updates, and faster launch time. Granting access to location information will also cause the application to send the following bits of information off to "revealmobile.com":

  • Your precise GPS coordinates, including current speed and altitude.
  • The name and "BSSID" of the Wi-Fi router you are currently connected to, which can be used for geolocation through various online services.
  • Whether your device has bluetooth turned on or off.

During a testing period of 36 hours, specifically while the AccuWeather application was not in the foreground, my test iPhone (located on a desk in an office building) sent the above information to RevealMobile a total of 16 times, occuring roughly once every few hours.

Read the whole thing, then decide what will happen first: you deleting AccuWeather or Apple dropping the hammer on them.

Update: Accuweather issues non-response response

I don't even want to quote from what Accuweather posted as a non-response response. It dodges the issues with a classic "we did nothing wrong and if we did we didn't know!" non-defense defense. Shame.

John Gruber has thoroughly torn it apart on Daring Fireball if you want to dive deeper.

And if you didn't delete it before, you'll probably want to now.