abusesaffiliationarrow-downarrow-leftarrow-rightarrow-upattack-typeblueskyburgerchevron-downchevron-leftchevron-rightchevron-upClock iconclosedeletedevelopment-povertydiscriminationdollardownloademailenvironmentexternal-linkfacebookfilterflaggenderglobeglobegroupshealthC4067174-3DD9-4B9E-AD64-284FDAAE6338@1xinformation-outlineinformationinstagraminvestment-trade-globalisationissueslabourlanguagesShapeCombined Shapeline, chart, up, arrow, graphLinkedInlocationmap-pinminusnewsorganisationotheroverviewpluspreviewArtboard 185profilerefreshIconnewssearchsecurityPathStock downStock steadyStock uptagticktooltiptwitteruniversalitywebwhatsappxIcons / Social / YouTube

Esta página no está disponible en Español y está siendo mostrada en English

Artículo

20 jul 2020

Autor:
The Sydney Morning Herald

Hong Kong: Server shared by several VPNs accused of being "completely open and accessible" and exposing private user data

“Data breach of free VPN providers exposes details of millions of users”, 20 July 2020

… vpnMentor cybersecurity researchers claim they found an unsecured server shared by several VPNs, software designed to protect users, and say it could potentially affect more than 20 million users.

In a report provided to Nine News, the researchers say the server was "completely open and accessible, exposing private user data for everyone to see".

It claims the affected apps include UFO VPN, Fast VPN, Free VPN, Super VPN, Flash VPN, Secure VPN and Rabbit VPN.

Lead researcher Noam Rotem said his team found entries within the exposed database that contained personal details about users, such as email addresses, home addresses, clear text passwords, IP addresses and other identifying information…

It appears the apps on the exposed server share a common Hong Kong-based owner and developer.

Spokespeople for UFO VPN and Fast VPN issued nearly identical statements in response to questions about the breach: "Due to personnel changes caused by COVID-19, we've not found bugs in server firewall rules immediately, which will lead to the potential risk of being hacked. And now it has been fixed".

The companies also claimed they didn't collect all the types of data that the researchers say they found.

Mobipotato – the company representing FastVPN – confirmed the server was at risk from June 29 to July 13.

The other companies did not respond to requests for comment, and the contact email provided for RabbitVPN bounced back…

Información de privacidad

Este sitio usa cookies y otras tecnologías de almacenamiento web. Puede configurar sus preferencias de privacidad más adelante. Los cambios se aplicarán de inmediato.

Para más información sobre el uso que hacemos del almacenamiento web, por favor consulte nuestra Política de Cookies y Uso de Datos

Strictly necessary storage

ON
OFF

Necessary storage enables core site functionality. This site cannot function without it, so it can only be disabled by changing settings in your browser.

Cookies analíticas

ON
OFF

Cuando accede a nuestro sitio web, utilizamos Google Analytics para recopilar información sobre su visita. La aceptación de esta cookie nos permitirá conocer más detalles sobre su visita y mejorar la forma en que mostramos la información. Toda la información analítica es anónima y no la utilizamos para identificarle. Google proporciona un complemento de inhabilitación de Google Analytics para todos los navegadores populares.

Cookies promocionales

ON
OFF

Compartimos noticias y actualizaciones sobre empresas y derechos humanos a través de plataformas de terceros, incluidas las redes sociales y los motores de búsqueda. Estas cookies nos ayudan a comprender el rendimiento de estas promociones.

Sus preferencias de privacidad en este sitio

Este sitio usa cookies y otras tecnologías de almacenamiento web para mejorar su experiencia, mas allá de la funcionalidad básica necesaria.