![]() Logs showed that some users were accessing these VPNs from countries where VPN use is illegal, including Iran. The VPNMentor team created an account with UFO VPN - and watched in real-time as their account's private personal information came into public view. "It also shows a total disregard for standard VPN practices that put their users at risk." How exposed VPN data puts users at risk "This lack of basic security measures in an essential part of a cybersecurity product is not just shocking," said the VPNMentor report. In total, more than a billion records comprising 1.2TB of data were exposed, including usernames, plaintext passwords, email addresses, home addresses, IP addresses, Bitcoin data, PayPal payment data, connection logs, session tokens, location information, customer complaint logs and website-visit histories. Four days later, a team from VPNMentor (opens in new tab) found the same server and noticed that data from the other six VPNs was also included. First was Bob Diachenko of Comparitech (opens in new tab), who discovered the server holding 894GB of UFO VPN data on July 1. ![]() Two different teams of security researchers found this user data online. Tom's Guide has reached out to Dreamfii HK, parent company of UFO VPN, for comment, and we will update this story when we receive a response. You should also stop using that VPN immediately and consider asking your VPN provider some tough questions. If you use any of these VPNs, we recommend you change your password for the service immediately, and change the same password on any other account for which you used it.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |