Data breach exposes 21 Million employee screenshots from a workplace surveillance tool

Data breach exposes 21 Million employee screenshots from a workplace surveillance tool
Agencies Ghacks
Apr 24, 2025
Security
|
0

In a staggering privacy breach, over 21 million images documenting employee activity from a workplace surveillance tool have been leaked. The affected app is called WorkComposer, which is used by IT teams to monitor employees in an office.

The leak was discovered by researchers at Cybernews, who revealed that the images contained sensitive data, including full-screen captures of emails, internal communication, and confidential documents, potentially placing thousands of employees and companies at risk. According to the report, the images were hosted on an unsecured Amazon S3 bucket. Toms Guide reports that WorkComposer secured the exposed data after being informed of the breach. However, the damage could have been done, as anyone could have viewed sensitive corporate information.

This in turn could have violated both the European Union's General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), placing affected companies at risk of significant legal repercussions. The leaked information could facilitate identity theft, unauthorized access to employee accounts, and even broader data breaches targeting the businesses themselves.

WorkComposer is utilized by more than 200,000 users, it operates by monitoring productivity through keylogging, tracking application use, and taking regular desktop screenshots. While its purpose is to enhance workplace efficiency, the exposure of such a vast trove of data raises severe privacy concerns. The ethical implications surrounding the use of such workplace surveillance tools continue to be a contentious issue. Employees often lack control over what these applications capture, which could extend to sensitive personal information like private chats, medical data, etc.

A similar breach, linked to another surveillance tool called WebWork exposed 13 million screenshots earlier this year. Such recurring vulnerabilities in workplace monitoring systems raise alarms about the broader consequences of unregulated data practices. These incidents highlight the urgent need for clearer regulations and privacy standards of employee monitoring, considering that many people work remotely.

Advertisement

Related content

FBI Issues new alert over phishing SMS scam targeting highway toll customers
Windows 11 set up is automatically enabling OneDrive folder back up for users

Windows has an 8-year-old security issue that is exploited and known by Microsoft for some time

1Password password manager gets location support for faster access

LibreOffice: Windows vulnerability affects links in documents, patch available

There is a new PayPal Phishing Scam that you need to know about (using real PayPal emails)

Lexmark issues warning about critical security vulnerabilities in printer software

Previous Post: «

Comments

There are no comments on this post yet, be the first one to share your thoughts!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.

Advertisement

Spread the Word

Advertisement

Hot Discussions

Advertisement

Recently Updated

Advertisement

About gHacks

Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.

The name and logo of Ghacks are copyrights or trademarks of SOFTONIC INTERNATIONAL S.A.
Copyright SOFTONIC INTERNATIONAL S.A. © 2005- 2025 - All rights reserved