ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

SpyX Data Breach

spyx.com
Significant exposure
Verified breach Sensitive Passwords exposed
Accounts exposed 1,977,011
Breach date 24 Jun 2024
Added to tracker 19 Mar 2025
Data classes 5

What happened

In June 2024, spyware maker SpyX suffered a data breach that exposed almost 2M unique email addresses. The breach also exposed IP addresses, countries of residence, device information and 6-digit PINs in the password field. Further, a collection of iCloud credentials likely used to monitor targets directly via the cloud were also in the breach and contained the target's email address and plain text Apple password.

Exposed data

Device information Email addresses Geographic locations IP addresses Passwords

Recommended actions

  • Change your SpyX password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing SpyX โ€” attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP