It’s bad enough when apps you use suffers a data breach, its worse when apps you didn’t know you have gets breached. Android stalkerware app, LetMeSpy had suffered a data breach resulting from a security incident on June 21. The app is used to spy or stalk on others and comes in either a free or paid version. The user would install it on someone else’s Android phone, such as a partner, relative or employee. The app hides itself from view and collects information such as text messages, call logs and geolocation. All that information along with email addresses, IP address and payment log for those who sought out the software had been breached. The company had disabled all account related functions of the website once the incident was discovered. Those functions will be restored once the vulnerability exploited by the attacker has been removed. The company had also said that they have informed the police and data protection watchdog about the privacy breach. LetMeSpy has around 10,000 android phones registered for the stalkerware and the app seems to only work for Android 4 to 7.
https://www.theregister.com/2023/06/27/letmespy_stalkerware_app_hacked/
This segment was created for the It’s 5:05 podcast