Two years ago mSpy faced a security-related issue reported by third-party individuals.
It began when Nitish Shah contacted our support team about a safety-related problem, and kindly provided all the details on the issue. However, very unfortunately, their request wasn’t delivered to the recipient. A support team trainee who was checking the tickets that day marked the email as spam.
On the same day, we were contacted by Brian Krebs with a request to “get the breach cleaned out”. Their email was assigned to the head of our support department.
The technical department was informed about the incident in 3 days — right after our specialists collected enough information to resolve the problem. The issue was fixed shortly, and new security updates were added a few months later.
Table Of Contents
What Was Hidden Under the So-Called mSpy Data Breach In Reality?
Because of a technical mistake made by developers, the Kibana data visualization dashboard remained public for a couple of days.
However, its PHP server error logs contained records about users’ login issues, such as not matching logins and passwords and connection-related problems. No other information was disclosed on the Internet, and no important data leaked.
The Truth About the mSpy Scam Allegations: Facts and Myths to Consider
Brian Krebs claimed that mSpy disclosed 5 million records that contained user login details. However, there was login and password information listed for 1241 accounts which comprise about 0.044% of mSpy’s customer base. A considerable number of the passwords were incorrect, as error logs record failed login sessions.
They said mSpy used encryption keys to reveal their users’ personal details. Yet, there is no way to use encryption keys without access to the actual database, so we couldn’t (and never tried to) use them for any purpose.
Another false conviction goes that the mSpy database included the Apple iCloud username and authentication token of mobile devices running the app, so users’ iCloud backup files were revealed.
The only concern is that lifetime of the token is short (about 24 hours). It was invalid by the time the problem was reported.
Finally, mSpy was blamed for disclosing user logs, including the browser and Internet address information of people visiting mspy.com.
However, by analyzing access to Kibana, we found out only 2 sessions with data deep research, recorded for India and the US. We assume these were Nitish Shah and Brian Krebs.
As you see, there is no reason to worry about your account information or your kid’s data. At mSpy, we take care of your security and privacy while you interact with our digital products.
How Safe Is mSpy to Use In 2021?
Although most of the security-related claims targeted on mSpy were false, we confirm that our app experienced some issues. What’s more, those problems pushed us to improve our security system.
Immediately after resolving the issue, we changed the passwords for all accounts that were listed in server logs (1241 records) and emailed our users about the situation. We also added new security protocols and changed the encryption keys.
Since that time we regularly check our system on attempts to log in to the control panel using credentials from affected accounts.
Does mSpy Really Work? Our Innovations and Updates
In addition to updating the security measures, we’ve implemented a few more innovations.
The new interactive mSpy demo was recently released by our developers. Now, you can try mSpy software for free and test its features in real-time without installing the app on your kid’s phone.
We reviewed our approach to client assistance and created a whole new customer support environment. At the moment we have 4 levels of technical assistance:
- free service for Basic subscription users by email and live chat
- free service for Premium subscription users by email and live chat
- Support Priority line – paid personalized customer assistance for 12 months
- mAssistance – paid VIP assistance through for 12 months
We also updated our Refund Policy. Now, you may receive a full refund within 10 days of purchase if you are not satisfied with the mSpy app.
To sum up the revealed facts and myths, we want to admit that we fully recognize our fault and sincerely apologize for the situation.
Is mSpy safe now? Absolutely. Is mSpy a real app that works right now? We want to ensure all our customers that their data is secured, as no massive leak of sensitive data occurred in the past.
Our new security measures are aimed at keeping your account private and your data safe. Thousands of active accounts in 2021 should help confirm mSpy to be a reliable and safe app.