VPNs are supposed to help provide users safety, anonymity, and privacy, but these seven providers have failed to perform such very purpose for their customers.
Two research teams from VPNMentor and Comparitech recently independently uncovered a shared database server used by seven providers, listed below, that stored personally identifiable information (PII) in plaintext and completely without protection.
- VPN: What is it and why do you need one?
Included in the leak were passwords, emails, home addresses and device information. Worse, these providers claim to have a no-log or no-tracking policy, and yet as much as 1.207 terabytes of personal data were exposed.
- FAST VPN
- Free VPN
- Flash VPN
- Rabbit VPN
- Secure VPN
- Super VPN
- UFO VPN
Based on the number of subscribers these VPN providers claim to have, over 20 million users are affected. The leakage was first uncovered on June 27, and the database was secured by July 15. This meant search engines and hackers had almost three weeks to scour these valuable data.
If you’re subscribed to any of those VPN providers, your online identity and privacy are probably at risk. With exposed PII, you can become a victim of doxing, blackmail, hacking, fraud, and other crimes. It’s probably time to switch providers and change your account credentials immediately.