Per an exclusive report from TechCrunch, Minnesota-based spyware provider Spytech has been hacked, with files stolen from the company's servers containing detailed device activity logs from a global pool of mostly Windows PCs but also some Macs, Chromebooks, and even Android devices. The total number of spyware victims impacted by Spytech and noted by TechCrunch analyzing the scale of the breach is "more than 10,000 devices since 2013," and this cross-platform invasion of privacy stretches across the entire globe, including the US, EU, the Middle East, Africa, Asia, and Australia.
Spytech provides a brand of spyware best known as "stalkerware" since it's typically installed by a person with physical access to the victim's device. Sometimes, it's more "innocuous" in the form of an employer or parent installing the software on a device they own to surveil the activities of an employee or child, but this application has also been documented infecting users remotely through a remote email.
Fortunately, while the hackers' payload did include lots of personal information and sensitive data, TechCrunch notes that it did not contain enough identifiable information to actually find the people impacted by the breach. This is a double-edged sword, though, since TechCrunch wanted to notify Spytech's victims of the breach, and Spytech's CEO refused to comment on plans to notify customers, the surveilled, or even state authorities on the breach. As noted by TechCrunch, Spytech will be in violation of data breach notification laws if this never happens.
