Sensitive information relating to countless Android users was made public due to a security breach discovered by the Android app LetMeSpy.
Online attackers obtained confidential data related to countless Android users, containing messages, whereabouts, call logs, e-mail addresses, and phone numbers, according to a security breach revealed by the phone tracking software LetMeSpy.
The security breach happened on June 21, 2023, based on a notice that the corporation published.
The Radeal firm created the LetMeSpy app, which is marketed as a parental control or employee surveillance tool.
Customers can access the app by subscribing to a standard license for $6 or a Pro license for $12 per month.
According to a statement released by the corporation, “As an outcome of the assault, the perpetrators acquired access to e-mail addresses, telephone numbers, and the content of messages gathered on accounts.”
The business alerted law enforcement and data security protectors and started an inquiry into the situation right once.
The first to release information on the data breach was the Polish security research blog Niebezpiecznik, which also verified that the attackers’ claim to have taken control of the domain hosting the spyware was true.
“Neither the identity of the hacker nor their motivations are known. The hacker hinted that they had removed the databases for LetMeSpy that were kept on the server. Later that day, a copy of the compromised database also surfaced online.” According to TechCrunch, “TechCrunch was provided with a copy of the hacked LetMeSpy data by DDoSecrets, a nonprofit openness collective that indexes released datasets in the public interest. Given the quantity of personally identifiable material in the cache, DDoSecrets claimed it was restricting the dissemination of the information to journalists and researchers.”
TechCrunch claims that the stolen information revealed in the assault dates back to 2013 and includes information about at least 13,000 infected devices.
The majority of the victims with information stored in the database reside in the United States, India, and Africa.
About The Author:
Yogesh Naager is a content marketer that specializes in the cybersecurity and B2B space. Besides writing for the News4Hackers blog, he’s also written for brands including CollegeDunia, Utsav Fashion, and NASSCOM. Naager entered the field of content in an unusual way. He began his career as an insurance sales executive, where he developed an interest in simplifying difficult concepts. He also combines this interest with a love of narrative, which makes him a good writer in the cybersecurity field. In the bottom line, he frequently writes for Craw Security.