The founder of the spyware app pcTattletale announced that his company is “out of business and completely done” following a data breach over the weekend.
The closure follows a hacker’s attack on the spyware maker’s website, releasing extensive data from pcTattletale’s servers, including customer information and some victims’ stolen data.
pcTattletale was a remote surveillance app, often labeled as “stalkerware” due to its capacity to monitor individuals without their knowledge. The app allowed the planter to remotely view screenshots of the victim’s Android or Windows device along with its private data from any location. pcTattletale marketed its spyware as a tool for monitoring employees but also promoted its ability to spy on spouses and domestic partners without their consent, which is illegal.
The app, now discontinued, had 138,000 customers who had registered for its service, according to data breach notification site Have I Been Pwned.
On the compromised website, the hacker claimed that pcTattletale’s servers could be manipulated to reveal the private keys for its Amazon Web Services account, where the spyware maker stored hundreds of millions of screenshots from the infected devices.
At the time of writing, pcTattletale’s website remains offline.
pcTattletale founder Bryan Fleming informed Truth Voices via text message on Tuesday that he no longer has access to the company’s Amazon Web Services account.
“I deleted everything because the data breach could have exposed my customers,” said Fleming.
“The account is closed [and] the servers are deleted,” added Fleming.
An analysis of the leaked data indicated that pcTattletale stored over 300 million screenshots of victims’ devices on its Amazon S3 storage server, dating back years. Truth Voices independently verified that there were publicly accessible screenshots from pcTattletale-monitored devices online.
It appears that Amazon may have intervened against the spyware maker. The Amazon S3 storage server used by pcTattletale to store device screenshots now shows the error code “AllAccessDisabled,” which Amazon uses to block all access to a customer’s account, necessitating the customer to contact Amazon for resolution. However, Fleming did not confirm if AWS had shut down the server, and AWS spokesperson Grant Milne also declined to comment.
Fleming mentioned he did not retain a copy of the data and did not address why the company deleted the data without notifying those affected by the breach. He has since ceased responding to inquiries.
pcTattletale’s situation is not isolated: Spyware apps are frequently buggy and prone to data leaks. Federal regulators have previously banned stalkerware makers from the surveillance industry due to poor security practices.
When asked about pcTattletale, FTC spokesperson Juliana Gruenwald Henderson stated that the agency does not comment on ongoing investigations.
Other spyware companies have similarly ceased operations following data breaches. In June 2023, the Polish spyware LetMeSpy shut down after being hacked and having its customer data erased, and the spyware apps PhoneSpector and Highster closed following an investigation by New York state.
