
Stalkerware Data Breach Exposes Over 500,000 Records in 2026
Hacktivist Exposes 536,000+ Stalkerware Customer Records โ Major Breach at Struktura/Ersten Group (Feb 2026)
In a striking case of irony, a hacktivist has scraped and leaked over 536,000 payment records from a major stalkerware provider โ exposing the very people who paid to spy on others.
The vendor operates as Struktura (Ukraine) and presents itself as Ersten Group (UK shell). Affected apps include uMobix, Xnspy, Geofinder, and Peekviewer (ex-Glassagram).
What Was Leaked?
- ~536,000 transaction records
- Customer email addresses
- Purchased app/brand (uMobix, Xnspy, etc.)
- Payment amount
- Card type (Visa, Mastercard, etc.)
- Last 4 digits of payment card
- No full card numbers, CVV, expiry dates, or transaction dates
Verification: TechCrunch confirmed authenticity via:
- Password resets on disposable emails (Mailinator)
- Matching unique invoice IDs on vendor checkout pages (no auth required)
The leak targets customers (the spies) โ not victims’ phone data.
How the Breach Happened
Hacktivist “wikkid” exploited a “trivial” website bug to scrape transaction data without authentication.
โI have fun targeting apps that are used to spy on people.โ โ wikkid to TechCrunch
Data was posted on a known hacking forum under Ersten Group.
Affected Stalkerware Apps
All run by the same vendor (Struktura/Ersten Group):
- uMobix โ full phone spy (messages, calls, location, browser)
- Xnspy โ notorious (2022 breach leaked victim phone data from 10K+ devices)
- Geofinder โ location tracking
- Peekviewer (ex-Glassagram) โ private Instagram viewer
These apps often market for spying on spouses/partners โ illegal without consent in most jurisdictions.
The Irony & Pattern of Stalkerware Breaches
Stalkerware vendors repeatedly fail at basic security:
- 2022: Xnspy leaked victim phone data
- Multiple vendors over years: customer & victim data exposed
Now the spies become the spied upon โ their emails + partial card info public.
Experts note: Companies violating privacy often neglect their own security.
Legal & Ethical Implications
- Installing stalkerware without consent is illegal (wiretapping, privacy laws)
- Can lead to criminal charges, civil suits, restraining orders
- This leak documents purchases โ potential evidence against users
What Should You Do?
If you bought these apps:
- Assume email + partial card info is public
- Monitor for phishing
- Change passwords on linked accounts
- Consider new card (last-4 exposure risk)
If you suspect stalkerware on your device:
- Signs: battery drain, data spikes, unknown apps
- Android: Settings > Apps
- iPhone: Settings > General > VPN & Device Management
- Use reputable security apps
- Domestic abuse? Contact authorities/support first
Vendor Response
- Ersten Group & Struktura: No comment to TechCrunch
- CEO Viktoriia Zosim (Struktura) email in early test transaction
Typical silence from stalkerware operators.
The Bigger Picture
This breach highlights:
- Reciprocal risk: Spy on others โ become a target
- Poor security in surveillance industry
- Growing hacktivism against stalkerware
As consumer surveillance tools proliferate, expect more exposure of both spies and victims.
Stay safe โ never use stalkerware.
Thoughts on this breach? Drop below. ๐
Anish is the founder of TechBoltX, sharing mobile gaming rewards, guides, and daily updates.