As many as seven VPN Apps user data has been left for the hackers. The data has been sitting idle without any privacy or security for anyone to take advantage of and make the people using the application vulnerable.
This was first tracked by Comparitech which spotted this vulnerability on UFO VPN which has a user database of 20 Million. The security head of Comparitech noticed this flaw and informed the app provider on 1 July. The company says they aren’t using the data collected from the user or distributing them. The records which were exposed violates the privacy policy of the VPN provider.
Earlier this week, the report came in from vpnMentor claiming that a total of 7 VPN apps have witnessed the database leak putting the sensitive information of millions of users. This includes UFO VPN and 6 other virtual network providers.
Surprisingly, all these applications are connected to a single app developer and all these have similar exposures to their database including the same server, hosting, and the payment receipts.
Although there is a sign of relief because the popular VPN services are not affected by breach.
The records by the companies show that the passwords are left exposed in plain texts. Other information like the IP, GeoTag, Phone Models, Location, Websites Visited is also leaked from the database.
All this is sensitive information and with a little bit of social engineering, any hacker can make the best use of this through many methods including spam and junks into the victim’s devices. While many companies have responded and say that it’s now fixed, some of these providers are not yet replying to the email sent by vpnMentor for fixing the security issue in their system.
This week we spotted another Trojan attack which put the data of users in danger named ‘BlackRock’. While technology is evolving every day, it’s important to stay updated against the potential risks while browsing online and staying away from these dangers.
