Google Chrome

SpyX stalkerware data breach exposes nearly 2 million users and Apple iCloud credentials

In June 2024, the consumer‑grade spyware service SpyX suffered a data breach that was disclosed in March 2025, leaking roughly 1.97 million unique records. The leak included about 17,000 plaintext Apple iCloud usernames and passwords, as well as data from clone apps MSafely and SpyPhone, bringing the total compromised accounts to nearly 2 million. Security researcher Troy Hunt verified the breach through Have I Been Pwned, and Google subsequently removed a related Chrome extension. Affected users were urged to change passwords and enable multi‑factor authentication.