Mobile spyware app LetMeSpy had its collected messages, call logs, and locations exfiltrated and leaked following a hacking incident, according to TechCrunch.
Databases of LetMeSpy have been infiltrated on June 21, enabling access to account email addresses, telephone numbers, and messages, said LetMeSpy in a notice on its login page. On the other hand, such an attack was claimed by the threat actor to have been conducted through wide access to LetMeSpy's domain, with the attacker stating that server-stored copies of the databases have been deleted before leaking the stolen data. Analysis of a copy of the leaked data secured by DDoSecrets showed data on at least 13,000 devices since 2013, including more than 13,400 location data points, most of which have been in the U.S., India, and Western Africa. Details about nearly 26,000 LetMeSpy customers who leveraged the free version of the spyware were also included in the exposed database.