Ersten Group
February 9, 2026
•[ stalkerware, data leak, scraping ]
A hacktivist scraped more than half-a-million payment records from a provider of consumer-grade stalkerware phone surveillance apps, exposing customer email addresses and partial payment information. The records include payments for phone-tracking services like Geofinder and uMobix and social-media monitoring services like Peekviewer, and the dataset also includes transaction records from Xnspy. The incident is a data exposure affecting customers who paid for surveillance services, not necessarily the surveilled victims.
At least one unnamed European celebrity
May 1, 2025
•[ stalkerware, spyware, data leak ]
A researcher discovered a publicly accessible cloud repository containing 86,859 screenshots from an unnamed European celebrity's device. The files appeared to have been collected through Cocospy-linked stalkerware or spyware installed on the victim's endpoint and included private communications, intimate images, phone usage, business conversations, invoices, payment details, phone numbers, partial credit card numbers, emails, receipts, and identity documents. The dataset appeared to span activity from mid-2024 to mid-2025, but the exact installation or compromise date was not reported; the specific perpetrator was not publicly identified.
Spyx
March 25, 2025
•[ data leak, stalkerware ]
Stalkerware service reportedly leaked user data including iCloud credentials and device identifiers.
Cocospy & Spyic
February 14, 2025
•[ data leak, stalkerware, vulnerability ]
Vulnerability allowed unauthenticated access to servers exposing stalkerware customer lists and victims uploaded data.
