Married celebrity and sports star feared exposed after stalker leaks thousands of intimate messages and selfies

A prominent female star had thousands of intimate images and messages revealing an affair with a sports star leaked online.

The woman, described as “a high-profile personality and entrepreneur” is believed to be British.

She was targeted by a stalker who used spyware to infiltrate her email and social media accounts.

The cyberstalker generated a collection of nearly 90,000 screenshots from her mobile phone and stored them online — but configured it incorrectly, allowing anyone to access it.

Cybersecurity expert and researcher Jeremiah Fowler discovered the leak, which had been online for at least two weeks.

In addition to “intimate, romantic exchanges” and racy images, the stolen data also included invoices and receipts.

The woman, whose identity is being protected by Mr. Fowler, had selfies and private chats from Facebook, WhatsApp, Instagram, and TikTok stolen.

The information revealed she had been having an affair with a well-known sportsman.

Mr. Fowler told The Sun on Sunday: “They were both married. The type of data that was there would have been very damaging.

“It was clear there was an affair going on with a prominent public person.

“This information of the affair never appeared in the media but, because the files were exposed for such a long period, it is highly possible that someone else accessed them and may release them at a later date or attempt to use them for extortion.”

Mr. Fowler, who possesses over a decade of experience in the cybersecurity field, added: “I reported it to the police by email.

“The victim was notified, but I don’t know if she also contacted the police.”

The cyberstalker used the notorious tool Cocospy to access the celebrity’s phone.

The “stalkerware” helps spy on someone by tracking them on their devices without their knowledge.

It had a “stealth mode” that could take screenshots from the targeted device every few minutes.

Mr. Fowler found 86,859 screenshots in the case he uncovered.

Cocospy was taken offline last year, along with two similar spyware apps, after a major security breach saw sensitive data leaked from millions of devices being monitored.

Approximately 3.2 million email addresses of the people who had set up the surveillance were also leaked.

According to Tech magazine Wired, Cocospy stated it was an app for “parental control, tracking, and remote surveillance.”

It had advised users to “do it remotely and 100-percent discreetly,” and a disclaimer added: “For legal use only.”

Creeps caught using stalkerware illegally can be prosecuted in the UK under the Protection from Harassment Act 1997.

American Mr. Fowler, a researcher for US-based Black Hills Information Security, would not provide further details of the case he uncovered but said: “There is a chance she knew who installed the spyware on her device and she possibly handled it internally.”

He was able to contact the woman through WhatsApp because her number was included in the data he found.

He said: “My message was carefully crafted to include that I am an ethical researcher and want nothing from this person other than to inform them and help protect their privacy and notify that they were the victim of a crime.

“I also made it clear that I will not publicly disclose their identity or the identities of those she communicated with or had personal relationships with.”

In a blog post on the ExpressVPN website, Mr. Fowler wrote: “Although the case involves public figures such as celebrities and social media influencers, the underlying issue is not limited to high-profile targets.

“The same tools used in these incidents are commonly deployed in broader cybercrime, harassment, and stalking situations affecting everyday users.

“My goal in publishing these findings is to raise awareness about the risks posed by stalkerware.

“By showing real examples of what this type of software can capture, readers can better understand the seriousness of the privacy violations, ways to identify and protect themselves against it, and the potential harm that it can cause.”

Another expert, tech journalist Will Guyatt, said it is unlikely that this attack was random, given the fact that it was carried out using Cocospy.

He said: “These things are most often used in abusive relationships, and relationships of coercive control. This stuff can be put on phones to track people, where they are, without them knowing.

“I’d say that these attacks are few and far between. But it does show it is important not just to keep track of passwords, but also where you have left your device.”

In Wired magazine’s report on the celebrity data leak, Mr. Fowler revealed there were a large number of selfies among the haul.

His findings come as digital technology is increasingly being exploited by men to abuse and harass women.

Mr. Fowler is held in high regard by fellow cybercrime experts in the US.

In January, he warned about 150 million Gmail and Facebook users having their passwords stolen in a cyberattack.

And in July of the previous year, he uncovered in the US how up to one million adoption files had been left exposed online to the public before authorities noticed the enormous data breach.