VPN Leaks

VPN providers claim to carry no logs of user activities. Some providers have been proven to hand over logs including users IP addresses.

VPN service Leaked and collected data Source Date
Facebook VPN (named Facebook Research VPN, working similar to Facebooks's Onavo VPN)
  • Facebook paid people to install a "Facebook Research" VPN that is similar to Facebook's Onavo VPN app.
  • private messages in social media apps
  • chats from instant messaging apps (including photos and videos)
  • emails
  • web searches
  • web browsing activity
  • location information
Techcrunch [12] January 2019
Safe Wi-Fi (Verizon’s VPN)
  • The first draft of Verizon's privacy policy states that personal information may be used for marketing purposes.
Motherboard [11] August 2018
IP Vanish
  • User logs of US-based VPN service were provided to authorities who were investigating a criminal case.
  • full name
  • e-mail address
  • username
  • reset password
  • connection time
Restore Privacy [10] June 2018
Onavo (Facebook's VPN)
  • collects device data from users (Wi-Fi data usage, cellular data usage)
security research [9] March 2018
  • leaks source IP address
  • keeps time stamp logs (users’ connection time)
FBI affidavit [7] October 2017 [8]
Hotspot Shield
  • intercepting and redirecting web traffic to advertising companies
FTC complaint [5] August 2017 [6]
Betternet VPN
  • tracking users’ activities by various tracking libraries
  • gives third parties access to users’ computers
  • contains malware and adware
academic paper [3] January 2017 [4]
Hola VPN
  • selling users' bandwidth for commercial purposes
Torrentfreak blog [2] May 2015
Hide My Ass
  • leaks source IP address
  • IP address of the individual VPN server used by HMA customer
  • logs time stamp when user connects and disconnects to HMA
  • amount of data transmitted
  • HMA username
HMA blog [1] September 2011