What Do IT Services in Seattle Have to Do with Spyware in California?

09/11/2018

We all know that personal data privacy is an incredibly important issue, and one that the whole world is struggling with right now. We all also know that today’s relentless threat of hacking and data breaches are a terrible concern. However, there are some times when data breaches end up sounding really weird, leaving you to scream with… laughter?

That’s certainly the case in one recent data breach that happened to the surprisingly legitimate spyware firm, SpyFone.

What Happened?

Just to clarify things for a moment here, spyware is exactly what you think it is: malware that can steal your content, track your keystrokes, record your phone calls, take screenshots and pictures, and record text messages as well as your browser history. It’s not good stuff.

And yet.

A popular California-based spyware firm called SpyFone, billed as the “number one parental monitoring software,” has unintentionally leaked terabytes of data from thousands of spyware clients and their targets.

Wondering why anyone would want spyware? We were too. We were surprised (and disturbed) to see that SpyFone’s clients can also use the malware to get “peace of mind” about their spouse’s activities and ensure that company property is protected from “inappropriate usage” by employees. Apparently, clients of SpyFone can download the software onto a target device in 15 minutes and, due to the secretive nature of the malware, targets will have no idea they’re being spied on.

By the way, when we say “spied on” we really mean it. SpyFone monitors SMS messages, records calls, provides live viewing services for customers, and collects information from apps like WhatsApp. They must store the information they collect too, because that data forms a portion of what was leaked online.

The rest of the data consisted of: 

  • GPS information
  • Names
  • Hashed passwords
  • Device information
  • IMEI numbers (unique device identifier codes)

Why Does This Data Breach Matter?

As IT services providers, we read about new data breaches each day because it’s part of our jobs. This one stood out to us because the breach occurred because of lax security. No one hacked the database. No ransomware was installed. Instead, SpyFone left a data bucket unattended out in the wilds of the internet, and the vulnerability, once tested, resulted in a data goldmine.

This could have been avoided with some good, preventative IT services.

While we’re not shedding any tears for a spyware company breach, we can’t help but consider what might have happened if this breach had affected any of the business owners we know. Just like SpyFone, the breached business’s name would be splashed across the news, which can cause irreparable damage to an organization’s brand and image. Also, just like SpyFone, the company would have a sudden emergency on their hands and their customers may start leaving in droves.

We haven’t even mentioned potential breach fines yet.

In short, this is bad news for any company, and it’s especially bad news for companies that worked with SpyFone or were a SpyFone customer’s target. (By the way, if you want to see if you were part of this leak, you can check at Troy Hunt’s helpful breach tracking site, Have I Been Pwned?, which allows you to identify what breaches contained your email address).

How Can You Avoid a Similar Fate? Hire a Company for IT Services in Seattle!

Wondering how you can protect your company from losing track of data and causing a breach? Well, we have two suggestions for that, both of which work in tandem.

  • The common-sense approach – In this approach, you’ll… um… not use spyware. Spying on people is not cool at all.
  • The advanced common-sense approach – This one takes a bit more work, but it’s still common sense: keep up with your security patches, updates, firewall perimeters, backups, and antivirus, and make sure you ID and fix security holes constantly. In addition, you should consider strengthening your passwords by using unique passwords for every site and managing those passwords using a password manager. (While you’re at it, it’s probably also a good idea to set up multi-factor authentication to give your business an extra layer of security.)

Not sure how to secure your systems or follow best practices for passwords? It’s easy to get help if your company is in the Seattle area, because we know the perfect company for IT services in Seattle to recommend (wink).

Interplay, for IT Services in Seattle

Since 2001, Interplay has been providing full-service, tailor-fit, customized IT servicesin Seattle and the surrounding area, including monitoring, patching, break/fix support, tech support, and hands-on help.

Rated as one of the top Managed Services Providers (MSPs) in the world, Interplay has the skills, expertise, and plain-old common sense to help you understand how to keep your personal and business data safe and secure.

Contact Interplay to learn more about the services we offer, or to request a quote on our IT services in Seattle.

 

Leave a Reply

Time limit is exhausted. Please reload the CAPTCHA.