cyber-security
Technology

21 million virtual private network (VPN) mobile users’ data and credentials were exposed

  •  
  •  
  •  
  •  
  •  
  •  

Last week, the data and credentials of 21 million mobile VPN users were discovered for sale on an online forum. After allegedly stealing users’ data from mobile VPN Android apps, a cyber thief put the credentials up for sale. Email addresses, full names, usernames, randomly generated passwords, country of origin, payment information, and even device IDs were among the information stolen.

SuperVPN, GeckoVPN, and ChatVPN were the VPN apps involved – On Google Play, SuperVPN has over 100 million downloads, GeckoVPN has around one million instals, and ChatVPN has around 50,000 downloads, all of which are still available to download and instal. Although the app’s creators have yet to confirm the attack, it is the largest VPN privacy attack ever recorded, a tool designed to increase privacy.

The Advantages of Using a VPN

The data breach was deemed a tragedy by cybersecurity experts, as VPN is a service that users rely on to ensure their online privacy.

VPN (Virtual Private Network) is a service that allows users to encrypt their data and keep their online activity completely private; it can be used on both domestic and public Wi-Fi connections. No one can track your data, hackers, or even the government, thanks to the VPN, which keeps web browsing private and anonymous.

Some people use VPNs to access content from other countries or geoblocked websites, such as live streams or streaming services, so the VPN will change the user’s IP address to appear as if they are in another country, bypassing the geoblock.

Anyone can benefit from using a good VPN, and it should be one of the most trusted services and tools available. This is why the leak was viewed as a tragedy, since VPN providers should be protecting their users’ credentials and information and not being so vulnerable to hacker attacks.

Concerns Regarding VPN Apps

Concerns about VPN use were raised as soon as the data was leaked and found for sale on forums, but the alleged hacker responded to the question of how this could happen. According to him, the issue was not the VPN apps themselves, but rather the lack of security measures in place for users’ credentials, as the majority of them did not change their default password.

Anyone can make this mistake, but a VPN provider should have a way to protect the default password. Because the three databases were publicly accessible, the hacker could easily access them.

“The data was taken from publicly available databases that were left vulnerable by the VPN providers because developers left default database credentials in use,” according to CyberNews.

But right now, the primary concern is that if the amount of data that was hacked and is now being sold online is accurate, that means that those VPN providers are accessing more information than what is outlined in their Privacy Policies.

Choosing a VPN Service Provider
However, those looking for a good VPN provider should not be put off by the exposed data; this service is still necessary to encrypt users’ internet traffic and protect their privacy when it comes to online activity. The first step is to ensure that the VPN is not logging or gathering data from its users’ online activity.

Although the apps mentioned above are not acting in accordance with their privacy policies, it’s always a good idea to read the VPN’s privacy policy before using it to see how they handle potential problems.

Reading trusted reviews written by third-party websites and experts is a key factor in determining whether or not a VPN provider is decent. The problems discussed on the three apps involved in the attack were discovered to have been discovered by experts a few months prior.

Most importantly, see if the VPN provider has a dedicated customer support area for its customers that is easy to contact. Any potential problems can be resolved in this manner, and the company can be contacted.


  •  
  •  
  •  
  •  
  •  
  •