A major data leak exposed over 310 gigabytes of information from spyware developer mSpy, including 2.4 million unique email addresses. This data was obtained by the breach notification site Have I Been Pwned.
The leak, reportedly carried out by hacktivists, included 142 GB of user data such as email addresses, IP addresses, and names, collected from support tickets submitted by individuals seeking help with the application.
Additionally, 176 GB of attachments, including screenshots of financial transactions, photos of credit cards, and selfies, were also exposed.
TechCrunch reported that some of the leaked data involves support tickets from high-profile individuals, including senior-ranking US military personnel, a court judge, a county sheriff’s office, and a government department’s watchdog.
Some of the leaked email addresses belong to individuals being monitored through mSpy, journalists who contacted the company, and US law enforcement officials filing legal demands.
The data was allegedly stolen from Brainstack’s Zendesk customer support system in May and spans over the past decade.
mSpy, known for its controversial monitoring software, is advertised as a parental control tool for Android, iOS, macOS, and Windows devices. Despite its intended use, it is often deployed as spyware to monitor individuals in real time without their consent, which is illegal.
The leaked data suggests that mSpy is aware of the illicit use of its software, and the company has users worldwide.
This is not the first time mSpy has suffered a data breach. In 2015, information on over 400,000 users was leaked, and in 2018, nearly two million mSpy records were exposed.
No comments:
Post a Comment