Another data breach is affecting Android users via a popular monitoring app called LetMeSpy. The free app allows users to track calls, text messages, and even GPS locations of any phone it’s installed on quietly, often without the phone owner’s knowledge.
The app is often used as a parental control feature to keep tabs on their children as well as employers. Users can take a peek at all text messages and phone logs including the duration of calls, and other typically private phone usage. LetMeSpy is as the name suggests, a stalker app. And now it’s been hacked, releasing thousands of people’s personal information.
A data breach within the app noted by research blog Niebezpiecznik on June 21st has provided hackers with all LetMeSpy logged data, affecting thousands of Android users worldwide. An estimated 13,000 Android devices were affected.
“A security incident occurred involving obtaining unauthorized access to the data of website users. As a result of the attack, the criminals gained access to e-mail addresses, telephone numbers, and the content of messages collected on accounts,” as reported by TechCrunch.
According to the blog, a hacker responded to comments intended for LetMeSpy, stating they had deleted the app’s databases and released personal information dating back to 2013 online. Taking a look at LetMeSpy’s website now shows it is not used anywhere worldwide, down from over 236,000 devices it recorded at the start of 2023.
To check if your phone has LetMeSpy installed, look for an app named LMS and uninstall it. As with any data breach, be sure to update your passwords – after removing any suspicious apps – and take other security measures to protect yourself.
LetMeSpy is far from the only stalker/spyware app out there. For more information about stalkerware, how to identify it, and how to remove and report it, visit the Coalition Against Stalkerware’s website.