A massive breach of privacy has been uncovered involving nearly 90,000 screenshots from the personal smartphone of a European celebrity. The data, which includes intimate photos, private messages, and financial details, was found sitting in an unsecured cloud repository on the open internet. The exposure highlights a critical intersection between stalkerware —malicious software used to spy on individuals—and the growing risk of secondary data breaches.
The Scope of the Exposure
Jeremiah Fowler, a security researcher at Black Hills Information Security, discovered the dataset on Thursday. The repository was publicly accessible with no password protection or access controls. Upon analysis, Fowler identified the contents as a comprehensive digital surveillance log of a single individual’s life.
The dataset contained 86,859 images spanning from mid-2024 to mid-2025. The screenshots were meticulously organized by platform—Instagram, Facebook, TikTok, and WhatsApp—capturing every interaction the victim had with others.
“All the selfies were one person, all the chats were one person, and it was basically everyone they chatted with divided into Instagram, Facebook, TikTok, and WhatsApp,” Fowler explained.
The content was highly sensitive. It included:
* Explicit nudity and intimate photos.
* Private conversations with models, influencers, and other high-profile figures.
* Business communications containing invoices and payment details.
* Partial credit card numbers and phone numbers.
Fowler noted that the breach victimizes not only the primary target but also everyone they communicated with. “You capture the initial victim, but you also victimize everyone they communicate with,” he said. To protect the identities involved, Fowler did not name the celebrity or their associates and reported the incident to local law enforcement and the cloud service provider.
The Role of Cocospy Stalkerware
The repository was named “Cocospy,” a notorious commercial spyware application known for its ability to secretly monitor Android devices. Cocospy was marketed under the guise of “parental control” and “remote surveillance,” promising users the ability to track locations, read messages, and view browsing history “100% discreetly.”
However, security experts have long classified Cocospy as full-blown spyware. Vangelis Stykas, CTO of security firm Kumio AI, described the software’s capabilities:
“Their malware on Android was full-blown spyware. It pretty much uploads everything from your phone to their cloud.”
The app featured a “stealth mode” that could take screenshots of the victim’s screen every few minutes, capturing real-time activity. While the website claimed the software was for “legal use only,” it required brief physical access to the target’s device for installation—a common tactic in cases of intimate partner surveillance.
Cocospy and two related apps went offline early last year following a major security flaw that exposed millions of user emails and victim data. The current discovery suggests that data collected during the app’s operational period remained vulnerable due to poor data management practices by its operators or users.
A Pattern of Digital Abuse
This incident is not an isolated anomaly but part of a broader trend of technology-facilitated abuse. Digital rights advocates and criminologists warn that stalkerware is increasingly used by abusers to monitor, control, and harass partners, particularly women.
Katy Brookfield, an associate criminology professor at the University of Nottingham who specializes in technology-facilitated abuse, emphasized the predatory nature of these tools.
“Abusers will use any technology they can get their hands on that allows them to monitor, surveil, control what their partner is doing, saying who they’re seeing, what they’re looking up online,” Brookfield said.
The risks extend beyond the immediate abuser. When such data is breached, it can be weaponized by third parties. Online communities have been known to dox women, share private images, and sell hacking services, turning private surveillance data into public ammunition for harassment and identity theft.
Conclusion
The exposure of this celebrity’s data serves as a stark warning about the dual dangers of stalkerware: the immediate violation of privacy by the installer, and the long-term risk of data being breached by unrelated actors. As surveillance tools become more sophisticated and widely available, the potential for catastrophic privacy failures grows, underscoring the urgent need for stronger legal protections and technical safeguards against digital abuse.
