Recently, seven VPN services that claim to keep zero logs exposed millions of users. All seven come from a Hong Kong-based service provider, which exposed users' online activities and left 1.2 terabytes of individual user data exposed.
VPNs that Exposed Millions of Users’ Data
- UFO VPN
- FAST VPN
- Free VPN
- Super VPN
- Flash VPN
- Secure VPN
- Rabbit VPN
Data Breach Summary
This data breach affected millions of users' sensitive data, consisting of connection logs, addresses, payment info, plaintext passwords, and website activity. A summary of the breach:
- Headquarters: Hong Kong
- Industry: Cybersecurity
- The total size of data: 1.207 TB
- Total number of files: 1,083,997,361 records
- No. of people exposed: Over 20 million, based on user numbers claimed by the VPNs
- Types of data exposed: Activity logs, PII (names, emails, home address), cleartext passwords, Bitcoin payment information, support messages, personal device information, tech specs, account info, direct PayPal API links
- Potential impact: Fraud, doxing, blackmail, extortion, viral attack, hacking, arrest, and persecution
- Data storage format: Elasticsearch server
Experts in the VPN sector believe that the VPNs whose data was exposed in this leak come from the same developer, and they presented the following findings to support this:
- The leaked data was hosted on similar assets.
- The VPNs offer a very regular Elasticsearch server.
- A single recipient is used for all payments, Dreamfii HK Limited.
- Super VPN, Flash VPN, and Free VPN use almost the same branding on their websites.
The other four VPNs, UFO VPN, FAST VPN, FREE VPN, and Secure VPN, were also created by the same developer, who rebranded the product for use under multiple names.
The expert team obtained some records from the leaked database, which include many private details about users. The database also contains technical information about the devices on which the VPNs were connected.
Security experts have assembled a list of the private and technical details obtained in this data breach:
- Internet Service Provider (ISP)
- Connection logs, traffic, and sites that are visited
- Origin IP addresses
- Phone models
- Actual location
- App version
- Device type
- Device ID
- User network connection
Experts have also found some Huawei-labeled data records that are not related to users' devices. Huawei has recently been implicated in spying on American clients through their devices.
Personal Data Involved (PII)
This server leak had no shortage of sensitive and personal data. Here is the PII that was leaked:
- Full names
- Home or work address of users
- The leak also includes users' origin IP addresses as well as the IP address of the VPN server, associated with the VPN account login credentials.
This data breach was detected as part of a massive web mapping project, in which the experts used port scanning to check particular IP blocks and examine different systems for weaknesses or vulnerabilities. The experts then examined each weakness they found for any exposed data.
Moreover, to compile information about such data breaches, the experts introduced a "Leak Box," which lets ethical hackers anonymously report any data breach they find online.