As reported by Nine News, researchers at vpnMentor have found an exposed server which potentially leaked over one billion records of PII, belonging to 20 million users. The server is being shared by over seven free VPN providers and failed to safeguard their server online. Some have blamed personal reasons for this cause, and some said it’s now secured.
Free VPN Server Exposed Users Data
Virtual Private Networks (VPNs) are something that hides users’ online identity and helps them browse securely without any being snooped by authorities. Moreover, these are being used to bypass geographical censorship and access blocked content. Thus, these are expected to turn their users into anonymous online. But, here’s an incident exposing all of those trusted users and their online activity.
As per vpnMentor researchers, a VPN analyser, a server shared by several free VPN providers like Super VPN, Fast VPN, Free VPN, UFO VPN, Rabbit VPN, Flash VPN and Secure VPN, was exposed online without any authorization. This can be viewed and accessed by anyone from the public. All these providers seemed to have relied on a server that’s overseen by a Hong Kong-based owner and developer.
Opening up, the database within the exposed server contained about one billion records from 20 million users, as researchers claimed. Details include the Personally identifiable information like email addresses, home addresses, clear text passwords, IP addresses etc.
Spokespersons of Fast VPN and UFO VPN blamed the personal changes caused by COVID-19, where they had failed to find out any bugs in the server firewalls, which could have led to being hacked. Further, they claim the issue is being fixed. Mobipotato, a company that represents Fast VPN said the server was at risk from June 29th to July 13th. Further, they claimed that didn’t collect such PII which researchers had mentioned.