A security researcher discovered a publicly accessible cloud repository containing nearly 90,000 screenshots of a European celebrity’s private data, likely harvested through the notorious stalkerware tool Cocospy.

Key Points

• Security researcher Jeremiah Fowler discovered an unsecured cloud database containing 86,859 screenshots of a celebrity’s private messages, photos, and financial documents.
• The exposed data, spanning from mid-2024 to mid-2025, was stored in a repository explicitly labeled "Cocospy," a known commercial spyware application.
• Stalkerware like Cocospy operates in "stealth mode" to silently capture and upload a target's real-time activity, including social media chats and location data, to remote servers.
• The breach compromised not only the primary target but also the private communications and sensitive contact information of the celebrity's associates and influencers.
• While the specific cloud host was not named, the data was secured after the researcher notified the service provider to contact the repository owner.

Why it Matters

This incident highlights the dual-threat nature of stalkerware, which violates individual privacy while creating massive, insecure data troves vulnerable to public exposure. Such breaches demonstrate how technology-facilitated abuse can escalate into broader security disasters, potentially exposing victims to identity theft, harassment, and further exploitation by third-party cybercriminals.