Millions of spyware customers exposed in mega data breach

(Image credit: Kaspersky)

Another spyware company has been breached, with sensitive data held on its customers leaked online, researchers have revealed.

This time, it’s the Ukrainian company Brainstack, which builds and maintains mSpy, which currently has around 1.5 million users.

The breach came after unidentified threat actors reportedly broke into the company’s Zendesk platform, used to handle customer support. From there, they stole more than 100 gigabytes of records, which include customer support tickets and accompanying attachments. These attachments often include personal documents, as well. Location data was also found, based on people’s IP addresses.

Identity data and personal documents

Journalists from TechCrunch sifted through the database and found several senior-ranking US military personnel, a serving US federal appeals court judge, and a watchdog for a US government department, all having used the app at one point. The list also includes an Arkansas county sheriff’s office, asking for a free trial.

While 100 gigabytes sounds like a lot, the publication says that the data only includes people who reached out to customer support, and that the user base of mSpy is probably a lot bigger.

HaveIBeenPwned?, an online service where people can check to see if their email address was leaked in a breach, added 2.4 million unique email addresses to its database. This doesn’t necessarily mean that 2.4 million people were affected, since many could have used new, “burner” email addresses just for mSpy.

Brainstack is currently keeping quiet.

Spyware, as the name suggests, is used for spying. It is also sometimes called stalkerware, or spouseware, both self-explanatory names. Users who buy the license install the app on mobile phones belonging to their spouses, partners, children, or employees, without their knowledge or consent. The app is capable of tracking on-device activity, in real-time, providing the owner of the license with access to calls logs, messages, location data, on-device files, and more.

More from TechRadar Pro

Mobile stalkerware is becoming a bigger threat than ever before
Here's a list of the best firewalls today
These are the best endpoint protection tools right now

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.