One hacker has gotten his hands on all the LineVPN provider's users and is currently selling them on a popular hacker forum.
What Went Down?
First to report the incident was PrivacySharks, the supposed no-logs VPN service that has encountered a massive data breach that puts 69,400 users at risk. Unfortunately, there was no leak from a team member but an actual security breach that hacker "slashx" exploited.
The leak includes a "complete database, billing system, user vpns ..etc" in the hacker's words. A member of PrivacySharks reached out to the hacker and said that he is accepting payment through Bitcoin.
As of this writing, the hacker forum RaidForums has a post that advertised the entire LimeVPN database up for grabs for anyone who would be willing to transact with the hacker. Naturally, this puts thousands of users at risk, given the serious private information that the hacker has collected.
LimeVPN is Down
The website has now been shut down.
The supposed leak has turned into an all-out website breach as slashx has shut down the website himself. LimeVPN has spoken with PrivacySharks and said that there is a Trojan lingering on the website.
The hacker is asking for a $400 bitcoin payment to anyone willing to part with the sensitive information of thousands of users that include usernames, email addresses, passwords, and billing information.
The hacker said that he has all the private keys of every LimeVPN user, in which case he can decrypt the user's traffic without any problems.
Private keys are considered an all-access pass to what you've been searching for and doing online while using your VPN.
What Happens if You're a LimeVPN User?
First of all, you should immediately change passwords and try to obtain a new credit card. You can also go ahead and reach out to customer service and ask for any compensation because of the hack and possible ransom of your information online.
We recommend activating two-factor authentication to make it even more secure since just the regular password won't save you. Hackers can target individuals and build a profile about you that can lead to even more serious problems for you like identity theft, fraud, scams, and more.
LimeVPN Might Face Possible Scrutiny
LimeVPN has advertised that they have a no-logs policy; however, why did a hacker get information of all of the user's data if there were supposed to be no logs? Other popular VPN sites have undergone independent audits to prove that their claims of having no logs are indeed true.
PrivacySharks now tells all of their customers to change all their passwords and get a new credit card ordered for them. Additionally, they also urge people to invest in identity theft protection, which means that LimeVPN users are in for a tough time dealing with this unexpected data breach.
This article is owned by Tech Times
Written by Alec G.