Hacktivist Exposes 536,000 Customer Records from Stalkerware Vendor Struktura
A hacktivist operating under the alias wikkid breached the website of Struktura, a Ukrainian software company linked to consumer spyware services like Geofinder, uMobix, and Peekviewer, earlier this month. Exploiting a "trivial" vulnerability, the attacker extracted 536,000 customer records, including names, email addresses, purchase details, and partial credit card information though payment dates were omitted.
The leaked data, verified by TechCrunch through password reset tests and invoice matching, revealed transaction specifics such as payment amounts, card types (Visa/Mastercard), and the last four digits of card numbers. Wikkid publicly posted the archive on a hacking forum, framing the attack as retaliation against apps used for "spying on people." The vendor was identified as Ersten Group, a UK-based software startup.
Struktura, which markets its surveillance tools as child or employee monitoring solutions despite their frequent misuse for stalking has not responded to the incident. Consumer spyware, often disguised as legitimate security software, remains a contentious and legally ambiguous industry. The breach underscores ongoing risks associated with such platforms and their handling of sensitive user data.
STRUKTURA cybersecurity rating report: https://www.rankiteo.com/company/strukturaio
"id": "STR1770725180",
"linkid": "strukturaio",
"type": "Breach",
"date": "2/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '536,000',
'industry': 'Consumer Spyware/Surveillance Tools',
'location': 'Ukraine',
'name': 'Struktura',
'type': 'Software Company'},
{'industry': 'Consumer Spyware/Surveillance Tools',
'location': 'UK',
'name': 'Ersten Group',
'type': 'Software Startup'}],
'attack_vector': 'Vulnerability Exploitation',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': '536,000',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High (PII and payment data)',
'type_of_data_compromised': ['Names',
'Email addresses',
'Purchase details',
'Partial credit card '
'information']},
'description': 'A hacktivist operating under the alias *wikkid* breached the '
'website of Struktura, a Ukrainian software company linked to '
'consumer spyware services like Geofinder, uMobix, and '
'Peekviewer. The attacker exploited a trivial vulnerability to '
'extract 536,000 customer records, including names, email '
'addresses, purchase details, and partial credit card '
'information. The leaked data was publicly posted on a hacking '
'forum as retaliation against apps used for spying on people.',
'impact': {'brand_reputation_impact': 'Likely negative impact due to '
'association with stalkerware',
'data_compromised': '536,000 customer records',
'identity_theft_risk': 'High (exposed PII and partial payment '
'data)',
'payment_information_risk': 'Partial credit card information '
'exposed',
'systems_affected': 'Struktura website'},
'motivation': 'Retaliation against apps used for spying on people',
'post_incident_analysis': {'root_causes': 'Trivial vulnerability in '
"Struktura's website"},
'references': [{'source': 'TechCrunch'}],
'threat_actor': 'Hacktivist (alias: *wikkid*)',
'title': 'Hacktivist Exposes 536,000 Customer Records from Stalkerware Vendor '
'Struktura',
'type': 'Data Breach',
'vulnerability_exploited': 'Trivial vulnerability'}