Web agency » Digital news » LimeVPN data breach gave a hacker data logs that weren't supposed to exist -

LimeVPN data breach gave a hacker data logs that weren't supposed to exist -

93e53afa-1260786
Wright Studio / Shutterstock.com

Hacker Just Deleted LimeVPN's Website, Stole Over 69 Sensitive user logs, and seeks to sell them for a Bitcoin payment of $ 400 on a hacker forum. As such breaches become more common, the real news is how the hacker got the logs since LimeVPN says it is a logless service.

LimeVPN has confirmed that its backup server is what got hacked. Privacy Sharks, who initially reported the breach, spoke to the alleged hacker who then confirmed that he was able to access and shut down the site through a security breach.

This backup server contained a database filled with sensitive user account data such as email addresses, passwords, and payment information from its WHMCS billing system. The hacker also claims to be in possession of each user's private key, which means they are potentially able to decrypt any traffic passing through the VPN service. And now this hacker is trying to sell this information to the highest bidder on a well-known hacker forum. They are asking for $ 400 in Bitcoin, which is roughly $ 13,4 million.

After touting on their website that they don't keep logs, LimeVPN is certainly suspicious now since the hacker was able to step in and scratch their entire database. Its customers felt that none of their information or activity would be stored on the company's server and now they are the ones who have to pay for LimeVPN to do it anyway.

Unfortunately, there isn't much that LimeVPN users can do at this point to stop the breach. However, as a safety measure, we recommend that users of the service stop using it immediately, take measures to protect payment information (such as ordering a new credit card), change passwords of all sites visited while using the VPN, and beware of potential identity theft.

The breach is a reminder that the vast majority of VPNs are untrustworthy. Most lure customers in with low prices and empty promises of security and privacy without actually being able to back them up. If you are looking for a (new) VPN service, we recommend that you check out our best VPN services, especially our top overall pick, ExpressPVN. This service regularly undergoes independent security audits to safeguard its no-logging policy.

Going through Privacy Sharks

★ ★ ★ ★ ★