The phone monitoring app LetMeSpy disclosed a data breach

2 Jul 2023

Security Breach In LetMeSpy Android App: Sensitive Data Of Thousands Exposed

The LetMeSpy app, designed to keep tabs on phone activities, has recently announced a breach in security. Cybercriminals managed to pilfer crucial information linked to numerous Android users. The compromised data includes personal messages, user locations, call records, email addresses, and phone numbers.

Data breach - Figure 1 — Photo securityaffairs.com

As stated in an announcement released by the organization, the security event occurred on June 21, 2023.

The LetMeSpy application is created by the Radeal company and is marketed as a tool for parental supervision or workforce supervision.

Users have the option to utilize the application by signing up for a monthly membership, with a cost of $6 for a regular license or $12 for a superior license.

The company has released a statement saying that the attackers managed to obtain entry into email addresses, phone numbers, and the information contained in the messages stored on the affected accounts.

The company promptly initiated a thorough inquiry into the occurrence and informed police authorities and data security regulators.

The initial report about the data breach came from the Polish security research website Niebezpiecznik. They also confirmed that the attackers responsible for the hack boasted about successfully acquiring the domain linked to the spyware.

The perpetrators responsible for the LetMeSpy breach and their intentions remain uncertain. As per TechCrunch, the hacker suggested that they erased LetMeSpy's servers containing databases. Subsequently, a duplicate of the compromised database surfaced on the internet within the same day. TechCrunch received a copy of the breached LetMeSpy data from DDoSecrets, a nonprofit organization dedicated to promoting transparency by cataloging datasets exposed to the public. DDoSecrets stressed the importance of safeguarding the sensitive information contained in the cache by restricting its distribution solely to journalists and researchers.

TechCrunch reports that the disclosed information unveiled in the breach originates from 2013 and encompasses data associated with a minimum of 13,000 compromised devices.

The majority of individuals impacted, whose information is stored in the database, are situated in the United States, India, and Africa.

Stay connected with me on social media platforms such as Twitter: @securityaffairs, Facebook, and Mastodon.