Another major spyware firm has been breached — thousands of devices have private details exposed

Spytech had sensitive data stolen

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A USspywaremaker called Spytech has been breached, leading to sensitive data it held on thousands of its victims being leaked online

A report fromTechCrunch, which has seen the stolen data and confirmed its authenticity, notes an unidentified person “with knowledge of the breach” reached out to the publication and shared an unecrypted cache of files grabbed from the company’s servers.

The files contained detailed device activity logs from the endpoints the spyware was monitoring, including the location of each individual device.

Caught off guard

Caught off guard

TechCrunchran the files through offline tools, and concluded more than 10,000 devices may have been compromised.

The majority of mobile-only victims are located in Europe and the United States, with notable “pockets” of victims in Africa, Asia and Australia, and the Middle East. The good news is that there was not enough personally identifiable information to link the data to actual people.

This also means that the publication was not able to notify the affected individuals, but it did, however, reach out to the company’s Chief Executive Officer (CEO), Nathan Polencheck, who was caught off guard with the news, saying this “was the first I have heard of the breach and have not seen the data you have seen so at this time all I can really say is that I am investigating everything and will take the appropriate actions.”

Spytech operates two spyware apps - Realtime-Spy and SpyAgent. The majority of the infected endpoints are Windows devices, with Androids, Macs and Chromebooks being compromised to a lesser extent.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Spyware, often also called spouseware, are commercial apps that advertise as a way to keep track of children, employees, and romantic partners. However, since they remain hidden on the device they’re installed on, people often install them without the victim’s knowledge or consent, which is both unlawful and unethical.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

Belkin’s Travel Bag for Vision Pro has pockets and is way cheaper than Apple’s own case