A leading mobile spyware maker mSpy leaked more than a million paying customers including kids and partners high sensitive data online.
mSpy is a brand of mobile and computer parental control monitoring software for iOS, Android, Windows, and macOS. mSpy monitors and logs user activity on the client device.
Leaked data contains millions of users including passwords, call logs, text messages, contacts, notes, and location data.
These all the data has been collected secretly from kids, loved one and company employees from the different organization.
An online open mspy database has been discovered by a security researcher Nitish Shah that contains the username, password and private encryption key of each mSpy customer.
In this case, he tried to alert the company of his findings, but the company’s support personnel ignored him.
Accoring to krebs on security, the database included the Apple iCloud username and authentication token of mobile devices running mSpy, and what appear to be references to iCloud backup files.
Anyone who stumbled upon this database also would have been able to browse the Whatsapp and Facebook messages uploaded from mobile devices equipped with mSpy.
Different records uncovered incorporated the exchange points of interest of all mSpy licenses bought in the course of the most recent a half year, including customer name, email address, street number and sum paid. Likewise in the informational collection were mSpy user logs from browser and Internet address data of individuals visiting the mSpy Web website.
Andrew, mSpy’s chief security officer said“We have been working hard to secure our system from any possible leaks, attacks, and private information disclosure,”
“All our customers’ accounts are securely encrypted and the data is being wiped out once in a short period of time.”
This is a second-time mSpy Failed to protect their customer within 3 years and the 1st breach has been reported on 2015.
A very important message from the Norwegian National Cyber Security Centre (NCSC) says that Secure Socket Layer/Transport Layer Security (SSL/TLS)…
Linux is widely used in numerous servers, cloud infrastructure, and Internet of Things devices, which makes it an attractive target…
ViperSoftX malware, known for stealing cryptocurrency information, now leverages Tesseract, an open-source OCR engine, to target infected systems, which extracts…
Santander has confirmed that there was a major data breach that affected its workers and customers in Spain, Uruguay, and…
The U.S. government has offered a prize of up to $5 million for information that leads to the arrest and…
Russia leverages a mix of state-backed Advanced Persistent Threat (APT) groups and financially motivated cybercriminals to achieve its strategic goals,…