Stories
Slash Boxes
Comments

SoylentNews is people

posted by takyon on Saturday May 16 2015, @01:20AM   Printer-friendly
from the spy-vs-spy dept.

Spying software maker mSpy sells their offerings as a service package and claims to enable its customers to spy on iPhones and Android phones. It is used by ~2 million people to spy on their children, partners, exes, etc. Retrieved data is stored on mSpy's servers. Brian Krebs reports that mSpy has been hacked and their entire database of spying data (with a size of several hundred gigabytes) has been posted on the Dark Web. The trove includes Apple IDs and passwords, and the complete contents of phones including photos and emails, etc.

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by Techwolf on Saturday May 16 2015, @02:17AM

    by Techwolf (87) on Saturday May 16 2015, @02:17AM (#183620)

    Mixed feelings about this. One the one paw, private data was exposed, on the other paw, exposing this will bring into the spotlight the total lack of security at many places and just how much data they have on you.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 4, Insightful) by frojack on Saturday May 16 2015, @03:42AM

    by frojack (1554) on Saturday May 16 2015, @03:42AM (#183647) Journal

    Well on the hind paw...

    I'm equally interested in why they have some of that data:

    and the complete contents of phones including photos and emails, etc.

    Seems to me this stuff should not rest on some third party site, even if the customer did some how install it on a phone where they "allegedly" had authority to do so.

    This might open them for all kinds of law suits if just one victim finds their data in the data dump. Especially if they never gave consent to having it installed.

    Not only can they go after the person who installed it, but now they can go after mSpy as a co-conspirator in possession of stolen property.

    I can sell you bolt cutters, lock picks and and glass cutters. But If I offer to store your stolen goods for you I become an equal partner in your crime. I don't believe you can write any amount of disclaimer boilerplate to get around that.

    --
    No, you are mistaken. I've always had this sig.
    • (Score: 2) by Geezer on Saturday May 16 2015, @01:36PM

      by Geezer (511) on Saturday May 16 2015, @01:36PM (#183750)

      Why? For sale, of course. I haven't parsed their EULA legalese, but betcha a beer it says they can store whatever they can get their filthy little claws on, and regard all data as "customer" data, regardless of where said customer got it. Once in corporate hands, data becomes sellable product. It plugs right in to the Big Data business model, even if all they are is a 3rd-party feeder to Juan the ID Thief, Lizard Squad, Google, Experian, or LexisNexis (and I hold all the forgoing in the same contempt).

      Since their marquee product and its customer base are downright creepy, I'll use my own favorite aphorism, "Fuck the whole lot."