Spyware maker pcTattletale says it’s “down” and shuts down after data breach

The founder of spy app pcTattletale said his company has “gone out of business and is completely closed” following a weekend data breach.

The shutdown comes days after a hacker defaced the spyware maker’s website and posted links containing large amounts of data from pcTattletale’s servers, including databases containing customer information and stolen data from some victims.

pcTattletale was a remote surveillance app – often called “stalkerware” for its ability to track people without their knowledge – that allowed the person who hosted the app to remotely view screenshots of a victim’s Android or Windows device and their private data from anywhere in the world world. pcTattletale advertised its spy app as a way to monitor employees, but it also openly promoted the ability to spy on spouses and domestic partners without their consent, which is illegal.

According to data breach notification site Have I Been Pwned, 138,000 customers used the now-defunct app.

On the defaced website, the hacker claimed that pcTattletale’s servers could be tricked into handing over the private keys of an Amazon Web Services account where the spyware creator stored hundreds of millions of screenshots of devices on which the spyware was installed.

At the time of writing, the pcTattletale website remains offline.

The app’s founder, Bryan Fleming, told TechCrunch in a text message Tuesday that he no longer has access to the company’s Amazon Web Services account.

“I deleted everything because the data breach could have exposed my clients,” Fleming said. “The account has been closed (and) the servers have been deleted.”

Analysis of the leaked data shows that pcTattletale stored over 300 million screenshots of victims’ devices from years ago on its Amazon S3 server. TechCrunch independently confirmed that there were publicly available screenshots of devices monitored by pcTattletale on the Internet.

The story continues

It appears that Amazon may have taken action against the spyware creator. The Amazon S3 storage server that pcTattletale used to store device screenshots now reads “AllAccessDisabled,” an error code that Amazon uses to block all access to a customer’s account, including the customer whose only option is to contact Amazon “at for further assistance.” However, Fleming did not address the question of whether AWS had shut him down, nor did AWS spokesman Grant Milne.

Fleming said it did not keep a copy of the data and did not explain that the company had deleted the data without first notifying people whose information was exposed in the data breach. He stopped responding to our inquiries.

pcTattletale’s situation is not unique: spyware applications are notoriously buggy and leak or spill data. Federal regulators have in the past banned stalkerware developers from operating in the surveillance industry due to poor security practices.

Asked about pcTattletale, Federal Trade Commission spokeswoman Juliana Gruenwald Henderson said the agency does not comment on whether it is investigating a specific matter.

Other spyware makers have closed down after similar breaches. Polish-developed spy software LetMeSpy was shut down in June 2023 after its systems were hacked and customer data was deleted, and spy apps PhoneSpector and Highster were shut down following a New York state investigation.

Your Android phone could have stalkerware — here’s how to remove it