Data of Millions of mSpy Customers Leaked Online

Share This Post

More than 310 gigabytes of data from spyware maker mSpy, including 2.4 million unique emails, was leaked online in June, and obtained by data breach notification site Have I Been Pwned.

The data, reportedly leaked online by hacktivists, includes 142 Gb of user data such as email addresses, IP addresses, and names, obtained from support tickets filed by individuals seeking help to install the application.

An additional 176 Gb of attachments, which include screen captures of financial transactions, photos of credit cards, and selfies, was also leaked.

According to TechCrunch, some of the leaked data includes support tickets from senior-ranking US military personnel, a court judge, a county sheriff’s office, and a government department’s watchdog.

Some of the leaked email addresses apparently belong to individuals being monitored through mSpy, journalists who contacted the company, and US law enforcement filing legal demands with the company.

The information was allegedly stolen from mSpy owner Brainstack’s Zendesk customer support system in May and includes data spanning over the past decade.

A controversial mobile and computer monitoring software, mSpy is advertised as a parental control application that can be used on Android, iOS, macOS, and Windows devices to monitor and log the activity of those devices’ users.

While it’s supposed to have a legitimate purpose, the application is being used as surveillanceware (or spyware) to monitor individuals in real time, without their knowledge or consent, which is illegal.

Advertisement. Scroll to continue reading.

mSpy has users worldwide and the company appears to be aware of the illicit use of the application, the leaked data shows.

The surveillance software company has suffered at least two data breaches in the past. A dataset containing information on over 400,000 mSpy users was leaked in 2015, and roughly two million mSpy records were leaked in 2018.

Related: Spain Reopens a Probe Into a Pegasus Spyware Case

Related: In Other News: Military Emails Leaked, Google Restricts Internet Access, Chinese Spyware

Related: Chinese Spyware Targets Uyghurs Through Apps: Report

This post was originally published on this site

More Articles
Article

Navigating SEC Regulations In Cybersecurity And Incident Response

Free video resource for cybersecurity professionals. As 2024 approaches, we all know how vital it is to keep up to date with regulatory changes that affect our work. We get it – it’s a lot to juggle, especially when you’re in the trenches working on an investigation, handling, and responding to incidents.

Report

Harassment or bullying behavior
Contains mature or sensitive content
Contains misleading or false information
Contains abusive or derogatory content
Contains spam, fake content or potential malware

Block Member?

Please confirm you want to block this member.

You will no longer be able to:

  • See blocked member's posts
  • Mention this member in posts
  • Invite this member to groups
  • Message this member
  • Add this member as a connection

Please note: This action will also remove this member from your connections and send a report to the site admin. Please allow a few minutes for this process to complete.

Report

You have already reported this .