"Data of Millions of mSpy Customers Leaked Online"

According to security researchers at Have I Been Pwned, over 310 gigabytes of data from spyware maker mSpy, including 2.4 million unique emails, was leaked online in June.  The researchers noted that the data, reportedly leaked online by hacktivists, includes 142 GB of user data, such as email addresses, IP addresses, and names, obtained from support tickets filed by individuals seeking help to install the application.  An additional 176 GB of attachments, including screen captures of financial transactions, photos of credit cards, and selfies, were also leaked.  According to TechCrunch, some of the leaked data includes support tickets from senior-ranking US military personnel, a court judge, a county sheriff’s office, and a government department’s watchdog.  A controversial mobile and computer monitoring software, mSpy is advertised as a parental control application that can be used on Android, iOS, macOS, and Windows devices to monitor and log the activity of those devices’ users.  While it’s supposed to have a legitimate purpose, the application is being used as surveillanceware (or spyware) to monitor individuals in real time, without their knowledge or consent, which is illegal.  The surveillance software company has suffered at least two data breaches in the past. 

 

SecurityWeek reports: "Data of Millions of mSpy Customers Leaked Online"

Submitted by Adam Ekwall on