Cyber Security News

SpyX Data Breach Exposes Personal Information of Nearly 2 Million Users

SpyX, a company known for developing spyware, has experienced a data breach that compromised the personal information of nearly 2 million users.

As per a report posted by Have I been Pwned, the breach, which occurred on June 24, 2024, exposed a wide array of sensitive data, including email addresses, IP addresses, device information, geographic locations, and passwords.

Details of the Breach

The data breach involved a substantial number of unique email addresses—almost 2 million—along with IP addresses and countries of residence, which could potentially be used for tracking or targeting individuals.

Additionally, the breach exposed device information, providing detailed insights into the types of devices used by the affected individuals.

Perhaps most concerning is the exposure of passwords, including 6-digit PINs stored in the password field, which could be used to gain unauthorized access to accounts.

Furthermore, the breach included a collection of iCloud credentials in plain text, which could be used to directly monitor targets through cloud services.

These iCloud credentials typically included the target’s email address and their corresponding Apple password in plain text, raising significant privacy and security concerns.

The breach has far-reaching implications for privacy and cybersecurity. Exposed iCloud credentials pose a direct threat to the privacy of individuals whose accounts were compromised, as they could be accessed without additional security measures.

The exposure of geographic locations, IP addresses, and device information could facilitate stalking, harassment, or other malicious activities.

The inclusion of this breach in Have I Been Pwned (HIBP), a popular service that tracks data breaches and allows users to check if their email addresses have been compromised, underscores its severity.

The breach was added to HIBP on March 19, 2025, providing affected users with the opportunity to assess their exposure and take necessary precautions.

Recommendations for Affected Users

Users who may have been affected by the SpyX data breach are advised to take immediate action to protect themselves:

  • Change Passwords: Update all passwords associated with compromised accounts, especially for iCloud and other cloud services.
  • Enable Two-Factor Authentication (2FA): Add an extra layer of security to accounts by enabling 2FA to prevent unauthorized access.
  • Monitor Accounts: Closely monitor financial and other sensitive accounts for suspicious activity.
  • Stay Informed: Regularly check for updates on the breach and follow advice from SpyX and cybersecurity experts.

While the breach highlights the ongoing challenge of cybersecurity, proactive measures by users can help mitigate its impact and ensure a safer online environment.

As technology evolves and privacy concerns grow, companies like SpyX must prioritize robust security measures to protect user data and maintain trust.

Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

VMware ESXi, Firefox, Red Hat Linux & SharePoint Hacked – Pwn2Own Day 2

Security researchers demonstrated their prowess on the second day of Pwn2Own Berlin 2025, discovering critical…

10 hours ago

Critical WordPress Plugin Flaw Puts Over 10,000 Sites of Cyberattack

A serious security flaw affecting the Eventin plugin, a popular event management solution for WordPress,…

1 day ago

Sophisticated NPM Attack Leverages Google Calendar2 for Advanced Communication

A startling discovery in the npm ecosystem has revealed a highly sophisticated malware campaign embedded…

1 day ago

New Ransomware Attack Targets Elon Musk Supporters Using PowerShell to Deploy Payloads

A newly identified ransomware campaign has emerged, seemingly targeting supporters of Elon Musk through a…

1 day ago

Printer Company Distributes Malicious Drivers Infected with XRed Malware

Procolored, a printer manufacturing company, has been found distributing software drivers infected with malicious code,…

1 day ago

Chinese Agent Impersonate as Stanford Student For Intelligence Gathering

Chinese intelligence operative posing as a Stanford University student has been uncovered following an investigation…

1 day ago