The founder of spyware app pcTattletale says the company is “out of business and finished for good” following a data breach over the weekend.
The shutdown came days after hackers defaced the spyware maker's website and published links to a large amount of data from pcTattletale's servers, including a database of customer information and data stolen from some of its victims.
pcTattletale is a remote surveillance app, also known as “stalkerware” because it can track people without their knowledge. It allows the person who planted the app to remotely view screenshots and personal data from a victim's Android or Windows device from anywhere in the world. pcTattletale advertised the spyware app as a way to monitor employees, but it also openly advertised the ability to spy on spouses and same-sex partners without their consent, which is illegal.
The now-defunct app had 138,000 customers who signed up to use the service, according to data breach notification site Have I Been Pwned.
On the compromised website, the hackers claimed they could trick pcTattletale's servers into handing over the private key to an Amazon Web Services account that the spyware maker had been using to store hundreds of millions of screenshots of spyware-infected devices.
The pcTattletale website remains offline as of this writing.
pcTattletale founder Brian Fleming said in a text message to TechCrunch on Tuesday that the company no longer has access to its Amazon Web Services account.
“We removed everything because we feared a data breach could put our customers at risk,” Fleming said.
“Your account has been closed [and] the server will be removed,” Fleming said.
Analysis of the exposed data revealed that pcTattletale stored over 300 million screenshots of victims' devices going back years on its Amazon S3 storage servers. TechCrunch has independently verified that screenshots of devices monitored by pcTattletale have been publicly available online.
Amazon appears to have taken action against the spyware maker. The Amazon S3 storage server that pcTattletale used to store device screenshots now displays “AllAccessDisabled,” an error code Amazon uses when it blocks all access to a customer's account. The customer is locked out as well, and their only recourse is to contact Amazon for “further assistance.” Fleming did not respond to questions about whether AWS had shut it down, and neither did AWS spokesman Grant Milne.
Fleming said he didn't keep a copy of the data and didn't explain why the data was deleted without first notifying those whose information was exposed in the breach. He stopped responding to our inquiries.
pcTattletale's situation is not unique: Spyware apps are notoriously buggy and have been known to leak or exfiltrate data, and federal regulators have previously barred stalkerware makers from the surveillance industry for poor security practices.
Asked about pcTattletale, FTC spokeswoman Juliana Gruenwald Henderson said the agency doesn't comment on whether it's investigating specific matters.
Other spyware makers have shut down following similar breaches: Polish-developed spyware LetMeSpy was shut down in June 2023 after its systems were hacked and customer data was deleted, and spyware apps PhoneSpector and Highster were shut down following an investigation by New York state.