Compatibility Start Monitoring

The World's Stealthiest Mobile Tracking App

mSpy Updates

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records – True or not so true?

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records - True or not so true?

Following the article recently published on the web about mSpy leakage, this is the official company response to the situation.

First of all, we would like to thank Nitish Shah who has contacted our support team about the problem, providing all the details, and to confirm that very unfortunately his initial request was not addressed. The support trainee who was checking the tickets that day has marked an email as spam and it never reached anyone else.

We confirm that on the same day we have been contacted by Brian Krebs (all the emails go initially through support team) to “get the breach cleaned out”. The email was assigned to the head of Support department who was on vacation (pure coincidence) and responded to it on the next day. The technical department was informed in 3 days when the details of incident became clear.

What we do not confirm though, is that mSpy Leaks Millions of Sensitive Records, so please stay calm.

What data was available and for how long.

While this is true, that Kibana was opened for several days because of a technical mistake done by developers, the data contained in Kibana were php server error logs, that is the records when the person can not login, there is a problem connecting, the function is not working etc.

  1. From 5 million records (this is where millions from Brian Krebs article come from) of server error logs, there has been login and password information listed for 1241 accounts which is 0.044% of mSpy customer base. The considerable number of the passwords were incorrect, as error logs record failed login sessions.
  2. There is no way to use encryption keys mentioned in the article without access to the actual database, so they can not be used for any purposes.
  3. The lifetime of token mentioned in the article is short (about 24 hours) and thus was invalid by the time the problem was discovered.
  4. From the analysis of access to Kibana we see that there have been only 2 sessions with data deep research, recorded for India and US. We assume that these were Nitish Shah and Brian Krebs.

There is no reason to worry about your account information or your kids data being disclosed or available elsewhere.

What we have already done to address the situation.

  1. The logs were closed as soon as the technical department was informed. The logs were available online from August 27 til September 3.
  2. We have changed the passwords for all accounts that were listed in server logs (1241 records) and sent an email to the users informing about the situation.
  3. We plan the change the encryption keys in the nearest future.
  4. We have started the check to ensure there were no attempts to login to the control panel using the login and password credentials from affected accounts from IPs different from the regular point in access except for Nitish Shah and Brian Krebs logins.
  5. We made a training for the support team to address situations like this.

We fully recognize that this is our fault and we should create additional controlling procedures. However we do also ensure that your data is safe and despite the server error logs that were discovered by Nitish Shah there was no massive leakage of personal data.

We are also sure that Nitish Shah and Brian Krebs will not share the information that has been downloaded elsewhere and that email addresses of affected accounts will not be available for spamming or dark net.

mSpy sincerely apologizes for the situation occurred and distraction it caused to all its customers.


4.9 (782843 ratings )
Price: $0.0
0 0 vote
Article Rating

Getting Started

The #1 Solution for Remote Monitoring!

Keep tabs on someone's phone activities with an undetectable tracking app.

1.5+ million users worldwide chose mSpy

30+ advanced monitoring features

Notify of
Newest Most Voted
Inline Feedbacks
View all comments
Maria Davidson
Maria Davidson
November 14, 2018 5:44 am

ios Spywares are good to track the calls or message on iPhone. It is true that companies are misusing personal information or data. However, I have a list of trustable spy software for iPhone list to choose from top 10 best iPhone tracking apps.

gps tracker Bob
gps tracker Bob
January 24, 2019 6:43 am

Very trendy post. Quite interesting.

Posted In:   mSpy Updates