A Week Later, Hacked Spyware Vendors Haven't Warned Their 130,000 Customers

Tens of thousands of people are in the dark.

Motherboard recently reported hackers had targeted two companies that sell spyware to the everyday consumer—Retina-X and FlexiSpy. Hackers made off with a mix of over 130,000 customer records, as well as company documents and even text messages and photos captured by Retina-X’s malware.

A week later, affected customers say neither company has informed them about the data breaches, with one company allegedly telling staff to lie to victims who inquired about the hack.

Ten FlexiSpy and Retina-X customers told Motherboard via email that they had not received any notifications about the hacks.

“Your email is the first I’ve heard of this,” one Retina-X customer said.

“No, PhoneSheriff [one of Retina-X’s products] has not told me anything about it,” said another.

One person was even a customer of both Retina-X and FlexiSpy.

“I haven’t received any notification or communication from either company about their data breaches or the fact that my details were compromised,” the customer said.

Both companies sell malware marketed to monitor children or employees, and in FlexiSpy’s case, to spy on spouses. However, consumer malware has repeatedly appeared in cases of domestic violence.

The type of data obtained by hackers. Image: Motherboard

At least in Retina-X’s case, the lack of customer outreach doesn’t appear to be down to incompetence. An alleged email obtained by Motherboard seems to show a Retina-X employee telling staff not to inform customers about the hack, even when specifically asked for details.

“If any visitor asks if we have been hacked, then let them know this: Our server was not wiped because of a hack. We had a corrupted OS due to a hard disk failure. The drive had to be reformatted and reloaded for the server. Everything is running fine,” the employee, called Arun, writes. Motherboard verified that the mail server mentioned in the email’s headers was accurate.

“Please make sure you all are aware of the appropriate response. The response is only for those who specifically mention a ‘hack’ or ‘data breach’. A simple mention of downtime or inability to login should NOT receive this response. Please make sure that the response is not sent to someone who did not specifically mention the word ‘hack’ or ‘data breach’,” the email continues. When a hacker wiped Retina-X’s servers around February, Retina-X posted a warning to customers, claiming that the company had suffered a hardware failure.

Neither Retina-X nor FlexiSpy responded to a request for comment on Tuesday.

Max Hoppenstedt contributed reporting.
