VPN providers claim to carry no logs of user activities. Some providers have been proven to keep logs including users IP addresses.
|VPN Service||Collected and Leaked Data||Source||Date|
||NordVPN was compromised and an internal private key has been leaked. This allows others to set up bogus VPN servers imitating official NordVPN servers. An unknown party had full remote control of the server for a period of time, and they could have used that to scoop up data from some users regardless of whether or not anything is stored on the server.||Techcrunch 14||October 2019|
Facebook paid people to install a "Facebook Research" VPN that is similar to Facebook's Onavo VPN app. The VPN app gets roots network access of the user’s phone and lets Facebook spy on all web activity. With the installation of Facebook's VPN app the company can log web browsing activity, scan what apps are used and even decrypt and analyze encrypted traffic. Facebook admitted it was running the VPN to gather data on usage habits.
|Techcrunch 13||January 2019|
|Safe Wi-Fi Verizon’s VPN
User logs of US-based VPN service IP Vanish were provided to authorities who were investigating a criminal case.
|Restore Privacy 11||June 2018|
||Onavo collects device data from users (Wi-Fi data and cellular data usage). Onavo VPN was developed by Facebook to examine phone user's app usage and mobile browsing data. Onavo VPN itself noted it collects the “time you spend using apps, mobile and Wi-Fi data you use per app, the websites you visit, and your country, device and network type.”||Security research 10||March 2018|
PureVPN was caught logging user data and provided this data to the FBI.
|FBI affidavit 8||October 2017 9|
||Hotspot Shield VPN collects large amount of user data and intercepts and redirects web traffic to advertising companies. The VPN service claims to keep no logs of personal user information or online activity while identifying user locations and serving advertisements.||FTC complaint 6||August 2017 7|
||Academic paper 4||January 2017 5|
||Hola VPN sold users' bandwidth for commercial purposes and botnets. Hola's users have been unwitting mercenaries in botnet-for-hire attacks. Bandwith of Hola's users was used to target sites in denial-of-service attacks.||Torrentfreak blog 3||May 2015|
||Proxy.sh announced on it's company blog that the VPN provider monitored and analyzed the traffic on one of its U.S.-hosted VPN servers. Proxy.sh, a VPN with a strict no-logs policy, decided to track some of its VPN network traffic after receiving an abuse complaint about hacking activities on a VPN node based in the United States.||Torrentfreak blog 2||September 2013|
|Hide My Ass
||HMA blog 1||September 2011|