Millions of mSpy records compromised

CIO Bulletin
Sep 8, 2018 · 1 min read

September 06, 2018

mSpy has leaked millions of records that include data on software purchases, iCloud usernames and authentication tokens of devices of mSpy. The spyware company that allows you to spy on your kids or anyone you want, sells markets itself as a leading provider of parental control software. mSpy gives its users access to a person’s WhatsApp, Snapchat, Facebook and other messaging apps. Further, it also monitors calls, texts, and location.

The security researcher Brian Krebs revealed that mSpy took the database offline. But when online the database contained usernames, passwords and private encryption keys of each mSpy customer who had logged on to the mSpy website or purchased a mSpy license in the last 6 months.

The millions of records compromised came from an insecure database. mSpy has refused to comment on this. The company has been involved in a similar cybersecurity incident in 2015 where it had left records unsecured. In the wake of this incident in 2015, mSpy had pledged to double its efforts to ensure security but the company had not disabled links to countless screenshots on its servers that were taken from mobile devices running mSpy. Let’s hope its efforts are better this time around.


Originally published at www.ciobulletin.com.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade