INSUBCONTINENT EXCLUSIVE:
mSpy, a commercial spyware solution designed to help you spy on kids and partners, has leaked over 2 million records including software
purchases and iCloud usernames and authentication tokens of devices running mSky
The data appears to have come from an unsecured database that allowed security researchers to pull out millions of records.&Before it was
taken offline sometime in the past 12 hours, the database contained millions of records, including the username, password and private
encryption key of each mSpy customer who logged in to the mSpy site or purchased an mSpy license over the past six months,& wrote security
researcher Brian Krebs.Bug hunter Nitish Shah found the data and notified mSpy about the leak but couldn&t reach anyone who could shut it
He showed Krebs how to access the data, which included personal data on customers.mSpy is a platform that allows parents to see what their
children are doing online and, presumably, allow partners to keep tabs on each other
The app allows you to monitor &WhatsApp, Snapchat, Facebook, and other messaging apps& and tracks calls, SMS, and GPS data.mSpy has leaked
data before and Krebs reported a hack in 2015 that the company denied for a full week
This latest leak is less a hack than an oversight in database control.I&ve reached out to mSpy for clarity on the breach.Spyware mSpy for
2nd time failed to protect its iPhone and Android clients.On their server was found open database with millions of users records including
passwords, Facebook and WhatsApp messages, iCloud… via @briankrebs @IamNitishShahhttps://t.co/t1Ew2nhZOdpic.twitter.com/0I5zzEsnrc—
Lukas Stefanko (@LukasStefanko) September 5, 2018
