cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Spyware firm ‘out of business’ after data leaked on own site by hacker

A cyber attack on spyware app pcTattletale has killed the business, according to the company’s founder.

user icon Daniel Croft
Wed, 29 May 2024
Spyware firm ‘out of business’ after data leaked on own site by hacker
expand image

The company, which advertises itself as an employee and child monitoring service, is a consumer-grade spyware or “stalkerware” app that allows users to monitor other devices by seeing screenshots of victim Android or Windows devices. Programs like pcTattletale can and have been used for nefarious purposes, such as monitoring victim devices to collect data or snooping on spouses without consent.

Just days ago, the company’s website was defaced by a hacker, who published links containing data exfiltrated from pcTattletale’s servers. Data included customer data and data stolen from victims of the program. According to Have I Been Pwned via TechCrunch, the program had 138,000 customers.

Additionally, the hacker said the program’s servers could be fooled into handing over Amazon Web Services private keys. With this, the hacker was able to access the Amazon S3 storage used by pcTattletale and the 300 million screenshots stored on it.


The hacker did not disclose the reasoning for the attack.

Speaking with TechCrunch, company founder Bryan Fleming said that he is now unable to access the Amazon Web Services account.

“I deleted everything because the data breach could have exposed my customers,” he said.

“The account is closed; the servers are deleted.”

Fleming did not explain why the data was deleted without customers first being notified, and he added that he did not keep a copy of the data. TechCrunch said he then stopped responding to inquiries.

PcTattletale had been at risk for some time, with a security researcher releasing a report not long before the breach outlining a vulnerability in which targeted devices could leak screenshots. However, the hacker did not exploit this vulnerability.

The pcTattletale website was taken offline 20 hours after the breach. It is still inaccessible at the time of writing.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.