It’s one thing to slip spyware onto somebody’s phone so you can surreptitiously intercept text messages, call logs, emails, location tracking, calendar information and record conversations – that kind of privacy-spurning stuff.
It’s another thing entirely to be the company that makes and markets the software… and – the coup de GAH! – to suffer a breach that exposes not only the private data of the buggers, but that of the buggees…