The personal details of millions of users of FREE Virtual Private Network providers, which aim to protect the privacy of internet users by hiding their identities, have potentially been exposed in a data breach exposing an estimated 1 billion online records.
In a report provided to Nine News, researchers say a server was "completely open and accessible, exposing private user data for everyone to see".
It claims the affected apps include UFO VPN, Fast VPN, Free VPN, Super VPN, Flash VPN, Secure VPN and Rabbit VPN.
Some of the VPNs also offer premium services for a fee –researchers claim they were also able to view logs of people subscribing to them with some payment information.
Spokespeople for UFO VPN and Fast VPN issued nearly identical statements in response to questions about the breach: "Due to personnel changes caused by COVID-19, we've not found bugs in server firewall rules immediately, which will lead to the potential risk of being hacked. And now it has been fixed".
The companies also claimed they didn't collect all the types of data that researchers say they found.
Technology expert Trevor Long said internet users should avoid free VPN services.
"VPNS are an excellent and highly recommended way of ensuring your security especially when you're on a public wifi network or operating remotely from your home or office, but you need to trust a bigger VPN company," he said.
"This is kind of like car insurance, you need to pay for your VPN, it should be a small subscription fee each month."
"For VPNs to become unsecure by someone being able to access their information at the other end, it ruins the whole purpose of a VPN."
Microbe recently announced a partnership with NordVPN, a paid VPN service which ensures a ‘No Log Policy’. For further information and to purchase a license please visit our site
By Phoebe at 21 Jul 2020, 10:00 AM
mandatory data breach notification (3)
Virtual Private Network (1)
Data Breach (4)
Data Loss Prevention (3)
Game Of Thrones (1)
Windows 7 (1)
Windows Vista (1)
Windows XP (1)
Server 2003 (1)
Server 2008 (1)
We Live Security (1)
Notifiable Data Breach (1)
Gartner Magic Quadrant (1)
Endpoint Protection (1)
Potentially Unwanted Program (PUP) (1)