This article reports on a data breach involving mSpy, a phone surveillance operation that has been in existence since around 2010. The breach exposed the company’s Zendesk instance, which contained sensitive information about its customers and employees. Here are some key points from the article:
mSpy’s Operations
- mSpy is one of the longest-running phone spyware operations, with a large customer base.
- The company has remained hidden from public view, with its operators using false names to conceal their identities.
Data Breach
- The breach was first disclosed by a Switzerland-based hacker and made available to DDoSecrets, a nonprofit transparency collective.
- The leaked data includes information about mSpy’s customers, employees, and internal operations.
- The breach has exposed the company’s parent organization, Brainstack, as a Ukrainian tech company.
Brainstack
- Brainstack is a Ukrainian tech company that is involved in mSpy’s operations.
- The company’s website does not mention mSpy, but internal Zendesk data shows that Brainstack employees are extensively involved in mSpy’s customer support and other operations.
- Brainstack’s CEO and senior executive declined to comment on the breach.
Government and Law Enforcement Involvement
- The article reports on several instances of government and law enforcement agencies using or investigating mSpy, including:
- A sergeant from a US police department who contacted mSpy to obtain information about a suspect.
- A US government agency that used mSpy to gather intelligence.
- A European country’s law enforcement agency that investigated the use of mSpy by a suspected stalker.
Impact and Reactions
- The breach has raised concerns about the use of spyware by governments and individuals, as well as the need for greater transparency and accountability in the industry.
- TechCrunch notes that the National Domestic Violence Hotline (1-800-799-7233) provides 24/7 free, confidential support to victims of domestic abuse and violence.
Overall, this article highlights the importance of addressing the use of spyware by governments and individuals, as well as the need for greater transparency and accountability in the industry.
