All data breaches are inherently bad, but their effects can vary. The only silver lining is when it’s just a small amount of your info that’s exposed, or when they’re quickly discovered and locked down before falling into the wrong hands. And because of the sheer amount of our personal info that’s out there, chances are you’ve had a detail or two set free into the digital wild.
Then there’s the most devastating varieties. Some breaches expose personally identifiable information, putting your identity at risk and increasing your chances of becoming a victim of fraud. But they can get worse in other ways, too, like leaked files that are so personal that such a breach can lead to embarrassment and humiliation.
One of those devastating leaks is happening right now and it involves some of the most sensitive data you can imagine, including private photos. The worst part? The company exposing the data isn’t doing anything about it.
The most private data that won’t be removed
It’s bad enough when you have private data exposed for any amount of time, but imagine it’s the most personal kind. Think about things like intimate photos and call recordings, available for anyone to access online through an open database. And it won’t go away.
Tech site Motherboard was made aware of this exposed database earlier this year by security researcher Cian Heasley. The server he found contains two folders with over 95,000 images and 25,000 audio recordings.
Since being made aware, Motherboard has been continuously trying to contact the company so they can get their database secured. But no matter what method they’ve used, they haven’t received a single response. They also reached out to GoDaddy, the site’s domain registrar, which basically said their hands are tied. They contacted the Federal Trade Commission as well, but received no comment.
The database is still accessible to anyone online, and is updating with new files daily. As horrifying as it already is, it’s also been going on for at least six weeks.
Since the private files of hundreds or more people are still openly accessible, Motherboard is not identifying the company. They’re only saying the company sells spyware software that allows people to monitor just about anything on another person’s phone. It’s primarily geared toward parents wanting to keep an eye on their kids’ phone activity.
Keeping your private data safe
The data in this case doesn’t include contact info for any of the victims, but people could still absolutely be identified through the types of files in the database. It’s also not the first leak involving spyware companies. Motherboard identified other stalkerware companies that exposed data over the past two years, including Copy9, Family Orbit, FlexiSpy, Mobistealth, mSpy, Retina-X, Spyfone, SpyHuman, Spy Master Pro, TheTruthSpy and Xnore.
Throughout komando.com, you’ll find all kinds of tips and information for keeping your online data safe, covering all sorts of topics from how to protect your router to staying safe while surfing the web, along with more info about spyware. Check out a whole list of stories on that topic by clicking here.