VPNs are used for a myriad reasons, whether it be for access online content that is otherwise not available in your region, or in other cases, provide an increased degree of privacy while using the internet. In a rather concerning turn of events, seven VPN providers based in Hong Kong have leaked a reported 1.2TB worth of user data.
This according to The Register, which cites the discovery of Comparitech’s Bob Diachenko, who initially spotted the unsecured cluster of data from VPN UFO.
The leaked data is said to include connection logs, addresses, payment info, plain text passwords and website activity, which is of course a cause for concern.
Some of the aforementioned information has been taken offline, but most of it was visible online for 18 days via the IoT search engine Shogan.io.
UFO VPN, which is viewed as having the most leaked user data, provided a rather unconvincing reason as to how this happened, with changes to its staffing as a result of COVID-19 leading to an inability to secure said data.
Regardless of whether that is indeed the case, remains to be seen, but it does look like there are some glaring inconsistencies in terms of what data VPN UFO says it captures.
As The Register points out, the service provider’s site states that, “We do not track user activities outside of our site, nor do we track the website browsing or connection activities of users who are using our Services.” Based off of what data was leaked, connection activities are clearly being captured and stored.
Of interest for those residing in Hong Kong, however, are increased fears over their information being made available to the government. China recently passed a controversial security law that impacts Hong Kong residents, which could also affect those who make use of VPNs in order to organise protests or any kind of activism.
Either way, this most recent incident serves as a good example as to users doing their due diligence in choosing a VPN provider, and ensuring that they have thoroughly read through the platform’s data policies.