Phone Tracking App LetMeSpy Compromised in Major Security Breach
A cyber breach has compromised LetMeSpy, a widely used phone tracking app, with a hacker successfully intercepting messages, call logs, and locations. The company behind the software confirmed that unauthorized access to user data took place on June 21. The perpetrators acquired e-mail addresses, phone numbers, and message content from user accounts.
LetMeSpy is a phone monitoring app known for its stealth. Often marketed for parental control or employee monitoring, it is designed to remain concealed on a phone’s home screen, making detection and removal challenging. The app quietly uploads the phone’s text messages, call logs, and precise location data to its servers, enabling real-time tracking of the individual by the person who installed the app.
The security breach was first reported by the Polish security research blog, Niebezpiecznik. When the blog reached out to the spyware maker for comment, the hacker reportedly responded instead, claiming to have gained extensive access to the spyware maker’s domain.
The identity of the hacker and their motives remain unclear. The hacker hinted at deleting LetMeSpy’s databases stored on the server, with a copy of the hacked database surfacing online later the same day.
An analysis of the leaked data revealed records on at least 13,000 compromised devices, with call logs and text messages dating back to 2013. The database also contained over 13,400 location data points for several thousand victims, primarily in the United States, India, and Western Africa. Also exposed was the spyware’s master database, including information about 26,000 customers who used the spyware for free, and the email addresses of customers who bought paying subscriptions.
The leaked data revealed that LetMeSpy is maintained by a Polish developer named Rafal Lidwin, based in Krakow. Lidwin did not respond to multiple requests for comment. In its breach notice, LetMeSpy confirmed that it had notified law enforcement and the Polish data protection authority, UODO.
The company has not yet stated whether it will inform the victims whose phones were compromised and monitored. The leaked data does not contain identifiable information that could be used to notify victims directly. Alerting victims of spyware is complex as it could also alert the individual who planted the spyware, potentially creating unsafe situations.
LetMeSpy joins a growing list of spyware and phone monitoring apps such as Xnspy, KidsGuard, TheTruthSpy, and Support King, which have been compromised or have exposed user data in recent years.
In light of these developments, users are advised to check for the “LMS” app, distinctive by its icon, and remove it if found. For enhanced security against malicious Android apps, enabling Google Play Protect is recommended.
