Jump to content

MIllions of VPN users have personal details stolen


Recommended Posts

MIllions of VPN users have personal details stolen

Databases of three top Android VPN tools were left exposed with default authentication information

 

artistic representation of a hacker

(Image credit: Shutterstock)

 

The user databases of three popular Android VPN services have reportedly been hacked, with millions of user records now put up for sale online.

 

Databases purportedly from SuperVPN, GeckoVPN, and ChatVPN, together containing a total of twenty one million user records, apparently include sensitive details such as the user’s authentication credentials, according to new research from CyberNews.

 

If the leaked databases are genuine, what’s even more worrying about the leak is the amount of information that these services log about their users, despite claiming not to do so in their respective privacy policies.

 

Besides the authentication information, the databases also include email addresses, payment-related data along with the expiration date of the premium accounts. Reportedly, the threat actor is also offering to sort the data by country for potential buyers.

Pervasive data logging

The team of researchers at CyberNews saw snippets from the databases and reveal that the leak also contains information about the user’s devices, and argue that with the right know-how these can be exploited to launch man-in-the-middle (MITM) attacks on the unsuspecting users.

 

“We reached out to SuperVPN, GeckoVPN, and ChatVPN and asked the providers if they could confirm that the leak was genuine but we have received no responses at the time of writing this report,” the site said.

 

If one takes the word of the hacker on face value, the databases were publicly accessible and the companies didn’t even follow the basic security procedure of disabling the default database credentials. 

 

The news is bound to have serious industry-wide repercussions especially considering the fact that the targeted providers are some of the most popular VPN vendors.  

 

Via: CyberNews

 

 

MIllions of VPN users have personal details stolen

Link to post
Share on other sites
  • Replies 0
  • Created
  • Last Reply

Top Posters In This Topic

  • Karlston

    1

Popular Days

Top Posters In This Topic

Popular Posts

MIllions of VPN users have personal details stolen Databases of three top Android VPN tools were left exposed with default authentication information  

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...