The Spy Who Tracked Me

Who needs the CIA when you’ve got mobile phone data?

In 2018, while the FBI was working the El Chapo case, an agent got a tip from someone with ties to the Sinaloa Cartel. Joaquín "El Chapo" Guzmán, the cartel’s boss, was already in U.S. custody, but the organization he left behind wanted to know who the Americans had been talking to—and they’d hired a hacker to find out.

According to the source, the hacker was monitoring comings and goings at the U.S. Embassy in Mexico City. One target stood out: an FBI Assistant Legal Attaché. With nothing more than a phone number, the hacker pulled call logs and geolocation data to track the agent’s movements. They even tapped into Mexico City’s CCTV system to tail him around town and identify the attaché’s contacts.

According to a Justice Department audit released last week, the FBI later learned the cartel had used that surveillance to intimidate—and, in some cases, kill—potential sources.

This wasn’t spy vs. spy tradecraft honed over years of training. This was off-the-shelf surveillance—the same kind that’s tracking you and me right now.

And it’s only getting worse.