Hackers have targeted and stolen data collected by the Android stalkerware app LetMeSpy, and have subsequently released the stolen data online. The developer of the app has revealed that on June 21, an unauthorized user exploited a bug in the system to gain access to the website’s data. The LetMeSpy website promptly disabled all account-related functions after discovering the breach, and these functions will be restored after the vulnerability is rectified. Additional measures will also be implemented to enhance data security.
LetMeSpy allows users to secretly install the app on targeted smartphones, enabling them to collect copies of messages, activity logs, and other data. The app’s user base includes government workers and college students in the United States. The stolen data includes call logs, messages, geolocations, IP addresses, payment logs, user IDs, email addresses, and customer account password hashes. While around ten thousand phones were registered for the spyware, not all of them appear to be compromised in this hack.
In another data breach incident, insurance provider Genworth Financial has confirmed that it was affected by a breach suffered by PBI Research Services, a third-party vendor that provides information services for Genworth. The breach was first disclosed by PBI Research Services earlier this month, stating that they had experienced a cyberattack. The attack subsequently exposed the personal information of approximately 2.5 to 2.7 million individuals, including around 8,000 residents of Delaware. This breach is connected to the widespread MOVEit file transfer breach that has impacted numerous companies globally. As a result of this breach, the state of Delaware’s Insurance Data Security Act will be triggered, leading to a thorough investigation by the state’s Insurance Commissioner, Trinidad Navarro. Impacted individuals will also be notified within a sixty-day timeframe.
In yet another development, engineering firm Siemens and the University of California, Los Angeles (UCLA) have also fallen victim to the data breach of the widely-used file transfer application MOVEit. The ransomware group Cl0p, which has claimed responsibility for the breach, added Siemens and UCLA to its list of victims on its leak site. UCLA stated that it uses MOVEit to transfer files to university stakeholders. After discovering the breach on May 28, the higher education institution promptly patched the vulnerability and increased system monitoring. Siemens, on the other hand, has assured the public that its operations will continue as usual and that none of its critical data had been impacted. The US Federal Bureau of Investigation (FBI) has stated that it is aware of and investigating the recent exploitation of the MOVEit vulnerability by malicious ransomware actors. Additionally, other organizations such as Schneider Electric, Werum, and AbbVie, have also been added to Cl0p’s list of victims, although they have yet to confirm the impact of the breach.
These recent incidents highlight the growing threat of cyberattacks and data breaches, particularly affecting third-party vendors and widely-used applications. It is imperative for organizations and individuals to prioritize data security measures, regularly update and patch vulnerabilities, and remain vigilant in detecting and responding to potential breaches. Additionally, law enforcement agencies and cybersecurity professionals must continue to collaborate and investigate these breaches to mitigate the impact on individuals and organizations alike.