LetMeSpy is popular with parents and employers who believe other people should not be allowed to enjoy privacy or boundaries. The app is also designed to stay hidden on a phone's home screen, making it difficult to detect and remove. Once planted, LetMeSpy silently uploads the phone's text messages, call logs, and precise location data to its servers, allowing the person who planted the app to track the person in real-time.
However, it looks like the company which makes the spyware has been hacked, and the criminals gained access to e-mail addresses, telephone numbers, and the content of messages collected on accounts.
This means that parents who thought they were protecting their precious snowflakes from kiddle fiddlers will have given pedophiles all their child’s contact details and messages. Employers who thought that spying on their employees would somehow protect their companies have given top secret data to rivals.
Polish security research blog Niebezpiecznik first reported the breach. When Niebezpiecznik contacted the spyware maker for comment, the hacker reportedly responded instead, claiming to have seized wide access to the spyware maker's domain. It's not clear who is behind the LetMeSpy hack or their motives.
The hacker intimated that they deleted LetMeSpy's databases stored on the server. However, a copy of the hacked database also appeared online later the same day. T
The leaked data included years of victims' call logs and text messages dating back to 2013. The database we reviewed contained current records on at least 13,000 compromised devices, though some shared little to no data with LetMeSpy.
LetMeSpy claims to delete data after two months of account inactivity so that is another thing that has gone wrong.