VPN “No Logs” Provider Exposes Millions Of User Logs
Another day, another failed promise in the privacy world. UFO VPN, which claims a ‘zero logs’ policy, based out of Hong Kong somehow managed to gather and maintain a user database without any password protection, in process exposing 20+ million user logs per day which consisted of 894 GB of data. The logs reportedly included IP addresses, geo-location, connection timestamps, session tokens, device information, OS used, and of course, drumroll please; user passwords. This conduct is in direct violation of UFO VPN’s advertised privacy policy. Link to UFO’s privacy policy; https://ufovpn.io/privacy
This issue was first reported by Bob Diachenko.
To make things even worse, after the data in question has been secured, it resurfaced for a second time on July 20, available on a different IP address. This second data breach is larger and contains records as recent as of July 19; UFO VPN Management can’t get control of its users’ data. There are speculation on the number of users affected but it is likely that if you are a UFO VPN User, your data was exposed and has been copied by unknown number of third parties.
A more detailed blog on the event can be found here: https://www.comparitech.com/blog/vpn-privacy/ufo-vpn-data-exposure/
Sometimes it pays to stay offline. 🙁
I am usually to blogging and i actually respect your content. The article has really peaks my interest. I’m going to bookmark your web site and preserve checking for new information.