The terabyte of data leakage applies to vpn applications that promised not to collect data in the first place.
Seven different vpn apps for Android and iPhone were a blatant threat to the security of their users, vpnMentor finds out in their study, of which Digital Trends reported on.
There are two problems. The apps promised not to record the activity of their users, but still did so. Second, the data collected were laxly stored so that they were freely viewable on the Internet. There was a total of more than a terabyte of data. One terabyte equals one thousand gigabytes.
In addition to Internet activity, the information included email addresses, plaintext passwords, PayPal payment information, IP addresses, and home addresses. Such personally identifiable information was potentially available from more than 20 million users if there is confidence in the reported download volumes of the applications.
Those applications are called UFO VPN, FAST VPN, Free VPN, Super VPN, Flash VPN, Secure VPN and Rabbit VPN. They all seem to be the handwriting of the same Hong Kong company. Much of the apps were still available on Google Play and / or the App Store when this news was made.
One of the applications, UFO VPN, responded to vpnMentor’s query and assured that there was no personal information in the database. According to it, the server was not secured due to the corona pandemic. In addition, the email addresses included in the information were, according to the developer, only from users who had sent them feedback. However, VpnMentor proved in its own experiments that the UFO VPN statement is in no way true.
The data is no longer accessible from the outside, but it does not eliminate the basic problem of breaking promises.
– The lack of rudimentary security measures in a key part of a cyber security product is not just shocking. It also shows complete indifference to standard vpn practices, putting users at risk, vpnMentor screams.
People usually resort to vpn programs for two main reasons. The first is the encryption of communications, meaning that no one should be able to intercept data between a user and the online services they use. The second is to hide your location.
However, the Vpn’s promise of security has often proved questionable. Several vpn applications that abuse people’s trust have been found over the years.