mSpy finally admits they’ve been hacked

After having first denied that they suffered a breach and had their customer’s data stolen and leaked on the Dark Web, mobile spyware maker mSpy has finally admitted that the incident happened, but they claim that only 80,000 customers (and not 400,000) have been affected.

Brian Krebs, who was pointed towards the leaked data last week by the hackers themselves, analyzed it and tracked down some of the affected mSpy customers, who confirmed that they used the company’s solution to monitor their employees, children and “friends.”

After that, continuing to claim that there was no hack was pointless.

The company claims that the hackers tried to blakmail them first, but that they didn’t pay up. Obviously, the hackers then chose to leak the information.

mSpy’s solutions are intended for legal uses only, and users of the monitored devices should be informed of the fact that practically all their phone and online activities are being monitored. Unfortunately, there is no way to prevent illegal uses such as spying on romantic partners and “friends.”

It is the latter who stand most to lose due to this breach, as they are likely not aware that extremely personal information about them is now available online, and those who spied on them are unlikely to tell them.

mSpy can expect many business difficulties in the future. While it’s still unclear whether the company is based in the UK or in the US, the company is being investigated by the UK’s Information Commissioner, and US Senator Al Franken has asked the US Department of Justice and the Federal Trade Commission to do the same.