Poland-based spyware LetMeSpy has officially announced its shutdown after a severe data breach in June led to the destruction of its servers, including a vast repository of information pilfered from thousands of victims’ mobile phones.
In a dual-language notice on its website, LetMeSpy has confirmed the “permanent shutdown” of its spyware service, revealing its intention to terminate all operations by the conclusion of August. The company has also blocked user access to logging in or creating new accounts.
A separate notification on LetMeSpy’s defunct login page corroborates previous reports, stating that the hacker responsible for the breach not only gained unauthorized access to the spyware provider’s database but also purged the data from its servers.
“The breach consisted of unauthorized access to the LetMeSpy website’s database, downloading and at the same time deleting data from the website by the author of the attack,” the statement reads.
LetMeSpy’s Android phone monitoring application is no longer operational, as indicated by a network traffic analysis conducted by TechCrunch. Moreover, the spyware maker’s website no longer offers the spyware app for download.
LetMeSpy was designed to surreptitiously reside on a victim’s phone home screen, making detection and removal challenging. Once installed, often by someone with knowledge of the target’s phone passcode, the app stealthily harvested messages, call logs, and real-time location data.
A copy of the breached database was procured by the nonprofit transparency collective DDoSecrets, which specializes in indexing leaked datasets for public interest. The dataset, shared with TechCrunch, revealed that LetMeSpy had been utilized to siphon data from over 13,000 compromised Android devices worldwide, though the spyware provider’s website had previously claimed control over more than 236,000 devices before the breach.
The database also contained information pointing to Radeal, a tech company based in Krakow, as the developer of LetMeSpy. However, Radeal’s CEO Rafal Lidwin did not respond to requests for comment.
LetMeSpy joins a series of spyware operations that have shut down due to security incidents exposing victims’ data and the identities of the operators. Notably, Spytrac, with a database encompassing over a million user records, was revealed to be operated by Support King—a tech company banned from the surveillance industry by federal regulators in 2021 for inadequately securing stolen data from its former flagship spyware app, SpyFone.
Following reports by TechCrunch, both Spytrac and Support King chose to cease operations.
As the digital landscape remains fraught with privacy concerns and cybersecurity threats, the termination of LetMeSpy underscores the ongoing efforts to address such challenges while safeguarding individuals’ sensitive information.
