Android VPN data of millions of users hit the web

Share this post

Popular hacker forum found databases containing data on accounts of users of three VPN services: SuperVPN, GeckoVPN and ChatVPN. In total, information about 21 million users with paid and free accounts is being sold.

According to the seller, the archives contain the following data: e-mail used to sign in to the service, username, full name, country, randomized password, information on payment and its methods, the status of the subscription and its duration. The author of the post also suggests sorting the information by country.

Judging by the fragment of the database, which is attached to the sales post, along with the above data the buyer will receive the serial number of the device, the name of the manufacturer and model, the mobile subscriber identifier (IMSI) and other information about the smartphone.

Almost at the same time in a popular VPN-service LastPass on Android found 7 different activity trackers of users. The company’s representatives have already commented on the situation: surveillance is used exclusively to improve the user experience, it can be disabled in the settings, these data are not passed to third parties. Nevertheless, the function is enabled by default, and many users were not aware of it.