Several vulnerabilities impacting twenty-nine models of GPS trackers expose real-time location data as Avast Threat Labs researchers found. The flaws were found in GPS location trackers manufactured by the Shenzhen i365 Tech, with over 600,000 users from countries all over the world and resold under multiple brands on various e-commerce platforms like Amazon or eBay. All the communication with the trackers’ online portal is unencrypted, with the data being sent in plain text over HTTP and exposing it to interception attacks.
Source: https://www.bleepingcomputer.com/news/security/buggy-gps-trackers-expose-childrens-real-time-location/