 |
Photo: Dayne Topkin From: Unsplash |
No-Log VPN means those VPNs will not store any of the internet activity you've done on your device while using the VPN, not only does these 7 VPNs stored the user data on their servers, the servers which they stored the data are unsecured and unencrypted, so, can be accessed by anyone on the internet, the data that was stored in the servers include sensitive information too.
According to the report, the user data stored in the servers include "internet activity logs, and Personally Identifiable Information (PII) like email addresses, clear text passwords, IP addresses, home addresses, phone models, device ID, and other technical details."
The VPN Mentor research team lead by Noam Rotem has found that all these 7 VPNs are under the same company and developer that was headquartered in HongKong and the data from all these 7 VPNs is stored in the same servers, based on user numbers claimed by the VPNs, over 20 million users were affected by this.
The 7 free VPNs that stored user logs are UFO VPN, FAST VPN, Free VPN, Super VPN, Flash VPN, Secure VPN, Rabbit VPN. A total of 1.2 TB of data was stored and was exposed, all the data was stored in ElasticSearch Server, these 7 VPNs share a lot of common things.
They all are hosted on the same assets, they have a single recipient for payments, Dreamfii HK Limited, and at least three of the VPNs on the server share almost identical branding on their websites. These VPNs also promises "military-grade security features and zero logs policies" to the users.
VPN Mentor emphasizes that "Our team was able to access this database because it was completely unsecured and unencrypted," and recommends users to switch to a new VPN service if you use any of the above-mentioned VPNs as these VPNs have thousands to millions of downloads on PlayStore.
Comments
Post a Comment
Comment your thoughts and feedback