Coverage from TechCrunch indicates that a hacktivist has successfully scraped over 536,000 payment records from a provider of consumer-grade "stalkerware" phone surveillance applications. This breach has exposed the email addresses and partial payment details of individuals who purchased services designed to monitor others.The compromised data includes transaction records for various tracking and monitoring apps, such as Geofinder, uMobix, Peekviewer, and Xnspy, all supplied by a Ukrainian company identified as Struktura, which also operates under the name Ersten Group. The hacktivist, known as "wikkid," exploited a minor website vulnerability to access the customer information. The leaked data contains customer email addresses, the specific app purchased, payment amounts, card types, and the last four digits of payment cards. TechCrunch verified the authenticity of the data through multiple methods, including password resets and matching invoice numbers with vendor checkout pages.This incident highlights a recurring pattern of security failures within the stalkerware industry, where vendors often have inadequate cybersecurity measures, leading to the exposure of sensitive customer data.Source: TechCrunch
Security Operations, Breach, Data Security, Privacy
Stalkerware vendor data breach exposes over half a million customer records

Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



