A hacktivist has scraped and publicly released the payment records of more than 500,000 individuals who purchased consumer-grade surveillance applications, commonly known as stalkerware. The incident represents a significant stalkerware data breach, exposing the customers of phone-tracking services like uMobix, Geofinder, and Xnspy.
These applications are designed to covertly monitor a device's activity, including call logs, messages, photos, browsing history, and location data. The data was published on a hacking forum by a hacktivist known as "wikkid," who stated their motivation was targeting apps used for spying on people.
The data exfiltration was reportedly made possible by a simple vulnerability on the website of the vendor, identified as the Ukrainian company Struktura (which also operates as Ersten Group). The hacktivist exploited this flaw to scrape the transaction records, exposing the surveillance apps' customers.
The leaked dataset contains approximately 536,000 lines of information, including:
The transactions encompass payments for popular spyware services such as Geofinder, uMobix, Peekviewer (formerly Glassagram), and Xnspy. The data's authenticity was verified by matching invoice numbers and using password reset portals for publicly listed email addresses, according to TechCrunch.
This event highlights the poor state of cybersecurity in surveillance apps. Stalkerware vendors, which often operate in a legal gray area, frequently exhibit inadequate security postures, leading to breaches that expose both their customers and, indirectly, the victims of the surveillance.
March 2025 reports suggested that a SpyX data breach exposed nearly two million users’ information, including Apple customers. One month prior, a Spyzie stalkerware flaw exposed thousands of users, and the stalkerware apps Cocospy and Spyic leaked the personal data of millions.