[ad_1]
Virtual Private Network or VPN companies together with UFO VPN, Rabbit VPN, Free VPN, and 4 extra have been discovered to have leaked over 1TB of personal person data, as per a brand new report. A report acknowledged that these VPNs uncovered a database of person logs and API entry data and not using a password or authentication. A separate report identified that UFO VPN was only one of the a number of VPN service suppliers that have been leaking personal data.
At the beginning of July, Comparitech found that Hong Kong-based VPN supplier UFO VPN uncovered private person data like plain textual content passwords, VPN session secrets and techniques, IP addresses, connection timestamps, geo-tags, and machine and OS traits. The firm was knowledgeable about the identical and greater than two weeks later, it reportedly fastened the difficulty, stating that no data was leaked. The leak impacts each free and paid prospects and reportedly all customers of the service are probably affected, taking the quantity to 20 million customers. This quantities to 894GB of leaked knowledge.
Following this discovery, vpnMentor found that UFO VPN was not the one one and 6 others that have been seemingly linked to a typical app developer and white labeled for different firms have been discovered to be doing the identical. These embody Fast VPN, Free VPN, Super VPN, Flash VPN, Secure VPN, and Rabbit VPN. Notably, all of these apps declare they don’t log any person unique IP tackle or person exercise. It was discovered {that a} complete of 1.2TB of knowledge was leaked.
The excellent news is that the largest VPN firms that most individuals most likely use, haven’t been implicated on this report.
The workforce at vpnMentor discovered that the VPNs share an Elasticssearch server, have a single recipient for funds, Dreamfii HK Limited, and share quite a bit of the property. They reached out to the varied VPN companies concerned and whereas some of them didn’t reply, others acknowledged after a number of days that the difficulty had been fastened. Most of these VPN apps are nonetheless listed on the Google Play retailer.
Potential affect of knowledge leak
This knowledge leak might result in phishing and fraud, blackmail, viral assault, hacking, doxing, and different varieties of cybercrimes. Over 20 million folks worldwide might have been uncovered to this leak. Users are suggested change their passwords or to modify to a safer VPN service supplier.
[ad_2]
Source