There is a shady industry for those who want to monitor and spy on their families. Several app makers sell software (sometimes called stalkerware) to jealous partners who can use these apps to remotely access victims' phones.
But despite how sensitive this data is, the number of these companies is on the rise in massive decline.
According to TechCrunch's Tally, counting the latest data exposures for Cocospy and Spyic, they are known to have been hacked since 2017 or leaked customer and victim data online There are 23 Stalkerware companies. That's not a typo. At least 23 Stalkerware companies have either been hacked or have been exposing important data in recent years. Additionally, four stalkerwear companies have been hacked multiple times.
Cocospy and Spyic were the first Stalkerware companies to accidentally expose sensitive data in 2025. The two surveillance operations have revealed messages, photos, call logs and other personal and sensitive data from millions of victims published online, according to security researchers who found a bug that allowed them to access that data. I've left it.
In the case of Cocospy, the company leaked 1.81 million customer email addresses, while Spyic leaked 880,167 customer email addresses. According to an analysis by Troy Hunt, which runs a data breach notification site, this is a total of 2.65 million email addresses after removing duplicate addresses that were shown in both violations.
In 2024 there were at least four major stalker wear hacks. The last stalkerware violation of 2024 affected SpyTech, a little-known spyware manufacturer based in Minnesota. This has published activity logs from phones, tablets and computers monitored by spyware. Previously, there was a violation of MSPY, one of the longest-running stalkerware apps that publish millions of customer support tickets, including personal data from millions of customers.
Previously, an unknown hacker broke into the servers of US-based Stalkerware Maker Pctattletale. The hackers then stole and leaked internal company data. They also tainted the official Pctattletlea website with the goal of embarrassing the company. The hackers referenced a recent TechCrunch article. There, they reported that Pctattletale was used to monitor several front desk check-in computers in a US hotel chain.
As a result of this hack, leak and shame manipulation, PcTattleleale founder Bryan Fleming said he was closing his company.
Consumer spyware apps such as MSPY and PcTattletale are commonly referred to as “Stalkerware” (or spouse wear). Because jealous spouses and partners use them to secretly monitor and investigate their loved ones. These companies often explicitly sell their products as a solution to catch fraud partners by encouraging illegal and unethical behavior. And there were multiple lawsuits, journalistic investigations, and domestic abuse shelters investigations that demonstrate that online stalking and surveillance could lead to real-world cases of harm and violence.
And that's why hackers have repeatedly targeted some of these companies.
Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation and a leading researcher and activist who has been researching and fighting Stalkerware for many years, said the Stalkerware industry is a “soft target.”
“The people who run these companies are probably the most cautious, but not really worried about the quality of their products,” Galperin told TechCrunch.
Given Stalkerware's history of compromise, that might be an understatement. And using these apps means that there is a lack of care to protect your customers, and as a result, the personal data of tens of thousands of unconscious victims is double irresponsible. Stalkerware customers are violating their partners by breaking the law and illegally spying on them, and putting everyone's data at risk.
The history of stalker wear hacks
The gust of stalkerware violations began in 2017 when a group of hackers violated US-based Retina-X and Thailand-based Flexispy. These two hacks revealed that the company has a total of 130,000 customers worldwide.
At the time, proudly arguing for the responsibility of compromise, the hackers explicitly stated that their motivations were exposed and helped them destroy industries they deemed toxic and unethical.
“I burn them on the ground and never leave any of them to hide,” one of the hackers involved told Motherboard.
Referring to Flexispy, the hacker added: But I'm worried that they'll try to create themselves again in a new way. But if that's the case, I'll be there. ”
Despite Hack and years of negative public attention, Flexispy is still active today. The same cannot be said about Retina-X.
Hackers who infiltrated Retina-X wiped the server with the goal of blocking its operation. The company bounced back – and was hacked again a year later. A few weeks after the second violation, Retina-X announced it was closed.
A few days after the second Retina-X breach, the hackers hit Mobistealth and Spy Master Pro, stealing gigabytes of customers and business records, stealing victims' intercepted messages and exact GPS locations. Another stalkerware vendor, India-based spy human, encountered the same fate a few months later, with the hacker stealing text messages and calling out metadata.
A few weeks later, there was the first case of accidental data exposure rather than hack. Spyfone left an Amazon Hosted S3 storage bucket online that is unprotected. This means that everyone was able to view and download text messages, photos, audio recordings, contacts, locations, scrambling passwords, login information, Facebook messages, and more. All of that data was stolen from the victims, but most of them didn't know they were being spyed on. Their most sensitive personal data can't be made known that they are on the internet for everyone to see.
Other stalkerware companies that have been irresponsibly leaving customer and victim data online for years irresponsibly are Familyorbit, and are protected only by passwords that protect 281 gigabytes of personal data online. MSPY leaked more than 2 million customer records in 2018. Xnore allows customers to see personal data of other customer goals, including chat messages, GPS coordinates, emails, photos, and more. Mobiispy left 25,000 audio recordings and 95,000 images on a server that anyone can access. KidsGuard had the incorrect server that leaked victim content. Before the hack, Pctattletale published a screenshot of the victim's device and uploaded it to a website that anyone can access. Xnspy has left developers with remaining qualifications and private keys in their app's code, allowing anyone to access the victim's data. And now, Cocospy and Spyic are keeping victims' messages, photos, call logs, other personal data, and customer email addresses publicly online.
There was Copy9 for other stalkerware companies that were actually hacked. This caused hackers to steal data from all surveillance targets, including text messages and WhatsApp messages, call recordings, photos, contacts, views, and more. LetMespy shut down after a hacker wiped it violated the server. Brazil-based Webdetetive wiped away the server and hacked it again. OwnSpy, which provides a lot of Webdetive's backend software, has also been hacked. Spyhide has a code vulnerability that allowed hackers to access backend databases and access data from around 60,000 victims over the years. Sospy, a brand of Spyhide brand, has shut down once more. The latest MSPY hacks that are unrelated to the aforementioned leaks.
Finally, there is Thetruthspy, a network of stalkerware apps. This holds a suspicious record of hacking or data leaking at least three separate occasions.
Hacked, but not repented
Eight of these 23 Stalkerware Companies have been closed, according to a TechCrunch tally.
In the first unique case, the Federal Trade Commission banned Spyfone and its CEO Scott Zuckerman from activities in the surveillance industry following a previous security course in which victims' data was exposed. . Another stalkerware operation linked to Zuckerman, called Spytrac, was subsequently shut down following a TechCrunch investigation.
It is known to have been hacked after New York Attorney General accused the New York Attorney General of explicitly encouraging customers to use the software for illegal surveillance. Not two other companies, telephone officers and Histar, were also closed.
But the fact that the company has been closed doesn't mean it's gone forever. Like Spyhide and Spyfone, some of the same owners and developers behind closed stalkerware makers have simply been rebranded.
“I think these hacks do things. They get things done and put dents in it,” Galperin said. “But if you hack the stalkerwear company, they simply swing their fists, curse your name, disappear with a puff of blue smoke and you're going to never see it again, that's definitely not.”
“Most of the time, when you can actually kill a Stalkerware Company, the Stalkerware Company appears like a mushroom after the rain,” added Galperin.
There is some good news. In a report last year, security company MalwareBytes said its use of Stalkerware is declining, according to its own data from customers infected with this type of software. Galperin also reports that customers and prospects complain that they don't work as intended, seeing an increase in negative reviews for these apps.
However, Garperin may not be as good at detecting stalkerware as before, or the stalker may have moved from software-based surveillance to physical surveillance possible through air tags and other Bluetooth-enabled trackers. He said it was sexual.
“Stalkerware doesn't exist in the vacuum. Stalkerware is part of the whole world of technology-responsive abuse,” says Galperin.
Say no to stalker wear
Using spyware to monitor your loved ones is not only unethical, but is also considered illegal surveillance in most jurisdictions.
That's an important reason why you don't already use Stalkerware. There have been issues that have proven many times that Stalkerware manufacturers cannot keep their data safe. Data belonging to the customer does not belong to the victim or target either.
Apart from spying on romantic partners and spouses, some people use stalkerwear apps to monitor their children. Although this type of use is legal, at least in the US, using Stolkerware to use snoop on a child's phone, does not mean it's creepy and unethical.
Even if it's legal, Galperin believes that parents should not spy on their children without telling them and agreeing to them.
If parents notify their children and move on, they will move away from unstable and unreliable stalkerware apps and track parents built into Apple phones, tablets and Android devices that work more secure and obviously You need to use the tool.
Summary of violations and leaks
This is the complete list of Stalkerware companies that have been hacked or leaked sensitive data since 2017.
Updated on February 20, 2025 and include Cocospy and Spyic as the latest set of Buggy Stalkerware apps.
If you or someone you know needs help, the domestic domestic violence hotline (1-800-799-7233) is secretly available to victims of domestic abuse and violence 24/7 We provide support for. If you are in an emergency, call 911. Coalition with stalkerwear If your phone seems to be compromised by spyware, you have the resources.
