The state of the VPN industry in 2023.
What Am I Looking At?
This beauty right here is every proven relationship between media companies, content sites, corporate VPNs, and independent VPNs that we could find.
Why does that matter? Well, take it from a VPN company: our industry can be super toxic. It’s full of lies, false claims, and paid referrals to hide those very facts. This map illustrates and highlights the shady happenings in the VPN world so you can stay informed and educated.
We hope to map and track new information that might prove useful to people with the help of more contributors in future updates.
The VPN industry has seen significant growth and changes in the past year. As privacy and security concerns continue to rise, VPNs have become a crucial tool for individuals and businesses alike in protecting their online activities.
Here's a rundown of the major news stories that shook the VPN landscape in 2022 and 2023.
VPN Ban in Russia
In 2022, the Russian government implemented a ban on VPNs, citing concerns over their use for accessing restricted content and bypassing government-imposed internet censorship. Despite the ban, many VPN providers continue to offer their services in Russia, often using obfuscation techniques to avoid detection.
Here at Windscribe, we recently tripled our free quota for users in Russia, Belarus, and Ukraine to alleviate censorship of the war and allow citizens to know the truth about the war, and circumvent the effectiveness of Russian government propaganda.
Twitter Restrictions in Turkey
On February 8, Twitter was restricted in Turkey following a major earthquake that killed over 11,500 people in southern Turkey and northern Syria. Netblocks, which tracks global connectivity, reported that the restriction came when the public relied on the platform for communication in the aftermath of the disaster.
Turkish Twitter users, including opposition figures, academics, and NGOs, protested this move as it hindered communication when it was needed the most.
Here at Windscribe, we provided a relief code to triple data, enabling people to discover the true extent of the issues and remain connected during the difficult time.
Since the protests began in Iran on 16 September, the government has implemented internet shutdowns and increased censorship. Services such as Instagram and WhatsApp have been blocked, and authorities are targeting VPNs. They blocked access to free VPNs, removed VPN apps from Google Play and Apple App Store, and deactivated VPN servers accessible in the country.
Despite these crackdowns, Windscribe has helped Iranian citizens beat censorship and maintain access to the internet once again by providing a relief code.
In case it’s not obvious at this point - we have acted against every large government censorship globally. It’s generally our policy. We’re fighting for an open internet that benefits everyone.
The rise of Quantum resistant measures
In late 2022, other VPN providers like NordVPN and ExpressVPN started offering quantum-resistant VPNs to their users. Not to brag, but we’ve been using PSK measures since the introduction of Wireguard. Mullvad has also recently done the same.
This means the industry as a whole is starting to take steps to tackle the potential threat of quantum computing, which could potentially crack current encryption methods. Quantum-resistant VPNs use advanced encryption algorithms to ensure user data remains secure even in the face of quantum computing advancements.
Apple Removes VPN Apps from the Chinese App Store
In a controversial move, Apple removed several VPN apps from its App Store in China in 2023 due to pressure from the Chinese government. These VPN apps allowed users to bypass the country's Great Firewall and access blocked content. Critics argue that Apple's decision undermines internet freedom and privacy for Chinese users.
Chinese Government Agency Breach Exposes Personal Information
The Shanghai Police fell victim to a cyberattack in 2022, with hackers gaining access to the personal information of millions of citizens, including names, addresses, and Social Security numbers.
What made this incident interesting to some is that it was the single biggest breach of data in China to date. The incident prompted calls for increased cybersecurity measures to protect sensitive government data.
Meta, Owner of Facebook, Fined €1.2bn for Mishandling User Information
In 2023, a data breach at Facebook exposed the personal information of over 500 million users, including names, email addresses, phone numbers, and private messages. The incident raised serious concerns about the platform's data security practices and led to increased scrutiny from regulators and users alike.
Notably, they decide they would not inform users about said breach.
VPN Use Surges Amid Global Privacy Concerns
The demand for VPNs skyrocketed in 2022 and 2023, as users worldwide sought to protect their privacy and access blocked content. This increased demand has led to a surge in “Free” VPN providers entering the market - and unfortunately with that comes a surge in breaches - but we’ll get to that next.
Take it from us. We see a noticeable increase in free users whenever some dictator starts enforcing their best ideas.
Free VPNs Under Scrutiny for Data Breaches
Several free VPN providers faced backlash in 2022 and 2023 after security breaches exposed user data. Bean VPN & Airplane Accelerates were the big offenders. Bean VPN’s breach affected over 50M users and Airplane Accelerates leaked 5.7B user records. These incidents highlighted the risks associated with using free VPN services, prompting many users to switch to paid VPN providers with more robust security measures in place.
Free VPNs affected:
- UFO VPN
- FAST VPN
- Free VPN
- Super VPN (Twice)
- Flash VPN
- Secure VPN
- Rabbit VPN
These free VPN providers were responsible for 1.2TB of leaks, demonstrating just how safe users aren’t when they may be led to believe they are when using new free options that spring up out of nowhere.
SuperVPN went for the double whammy as they again exposed 360,308,817 records, totaling 133 GB in size. The leaked data contained sensitive user information such as email addresses, IP addresses, geolocation data, server usage records, secret keys, and device details. Despite SuperVPN's claim of not storing user logs even though they were previously breached, the latest data breach suggests they learned absolutely nothing.
The only reason we can have a free plan at all is because we have paid users who support that model. It is an expensive endeavor but because we have invested in our infrastructure we can provide many locations for free.
So when you see a brand new “free service” pop up - make sure you check it out before jumping on board.
Credit Suisse Data Leak
In 2022, a major data breach at Credit Suisse Bank exposed the personal information of over 100 million customers, including names, addresses, Social Security numbers, and financial data. The breach was attributed to a vulnerability in the bank's security infrastructure, which allowed hackers to access the sensitive data.
Neopets Data Leak
Neopets disclosed a data breach that exposed the personal information of over 69 million members, resulting from attackers accessing their IT systems between January 3, 2021, and July 19, 2022.
The breach was discovered when a hacker attempted to sell a Neopets database containing 460MB of source code and sensitive information for four bitcoins. Affected data includes names, email addresses, usernames, dates of birth, gender, IP addresses, Neopets PINs, hashed passwords, and game-related data.
As a personal side note: Damn, I loved Neopets back in the day. Same as Tamagotchi but no worries there about the email I made when I was 15 being hacked.
MSI Ransomware Attack
Taiwanese PC vendor MSI confirmed a network breach following reports of a ransomware attack by the Money Message ransomware gang. The gang claims to have infiltrated MSI's systems, demanding a $4 million ransom to stop them leaking stolen files online.
While not disclosing details of the attack, MSI stated that it has had no "significant" operational or financial impact, and security enhancements have been implemented to ensure data security.
The company has warned customers to obtain BIOS and firmware updates only from its official website.
I was originally going to make a meme using “Lucky”, their mascot… but I’m not paid enough to google that. I’m sure you know why.
Twitter Data Breach
Researchers have determined that a cache that was leaked of about 200 million email addresses linked to Twitter users - previously rumored to include data from 400 million accounts - likely resulted from a refinement of the larger data set with duplicates removed.
The data was exposed from June 2021 to January 2022 due to a bug in Twitter's application programming interface (API). The flaw enabled attackers to use contact information to access associated Twitter accounts, potentially identifying users. The bug, which Twitter has since patched, could have led to phishing attacks, identity theft attempts, and individual targeting.
The API vulnerability impacted pseudonymous Twitter accounts as it exposed users' email addresses and phone numbers linked to them, which could compromise their privacy.
Come January 2023, various news outlets reported that a shocking 235 million Twitter accounts had their email addresses shared on a hacking forum. Though the data stolen wasn't highly sensitive, it may still pose a risk to users if the email addresses leaked are exploited by other malicious actors.
Plus, think about how much more spam Twitter users are going to get now.
Western Digital Hack
Hackers who breached Western Digital claim to have stolen around 10 terabytes of data, including customer information, and are demanding a minimum eight-figure ransom for not publishing the data. Western Digital disclosed a network security incident on April 3, stating certain data was obtained from its systems.
The hackers provided details to TechCrunch, including a file signed by Western Digital's code-signing certificate, and phone numbers allegedly belonging to company executives.
US House of Representatives Data Breach
Hackers potentially accessed sensitive personal data of members of the US House and Senate, their staff, and families in a breach of Washington DC's health insurance marketplace, DC Health Link. The organization confirmed customer data was affected and is notifying those impacted while working with law enforcement.
The FBI is assisting in the investigation and affected individuals are being offered identity theft services and extended credit monitoring.
LastPass Was Breached. Again.
LastPass has disclosed that a threat actor stole corporate and customer data by hacking an employee's personal computer and installing keylogger malware, granting access to the company's cloud storage.
This follows security breaches last year, which led to the password manager's source code and customer vault data being stolen. The company has since taken additional security measures, such as revoking certificates and rotating credentials. LastPass users have been advised to change all their stored passwords as a precautionary measure.
We actually cast them a teeny-tiny bit of shade with our parody for April Fool’s Day this year [BLOG https://blog.windscribe.com/introducing-windpass/]
OVPN Was Acquired by Pango, Owner of Hotspot Shield
Pango has bought OVPN. OVPN joins the ranks of Hotspot Shield, Ultra VPN, 360 VPN, and Betternet. While OVPN has enjoyed a spotless reputation, Hotspot Shield was reported to the FTC for allegedly deceptive trade practices involving unethical logging and data sharing.
HotSpot Shield also has a reputation for, at least in the past, including adware in their installer.
Betternet ranked as the fourth most hits on VirusTotal (13 antivirus hits) among the VPN apps on Google Play that Australia's national science agency, CSIRO, tested.
Betternet was allegedly founded by Iran's Vice President's son and then bought by Pango.
Fun Facts: There are 800,000 Attacks Annually
- A hacker attack occurs every 39 seconds.
- Hospitals, as part of the healthcare sector, are the most frequent targets of ransomware attacks.
- The majority of malware, 92%, is transmitted through email.
- At any moment, around 4.1 million websites contain malware.
- On average, it takes 49 days to detect a ransomware attack.
- A staggering 97% of security breaches exploit vulnerabilities in WordPress plugins.
- Cryptocurrency valued at over $3 billion has been compromised.
Other VPN Map Sources
Most information regarding organizations found here is taken directly from the site listed at the top of their node. Additional information is taken from the following sources:
These sources are used to confirm basic information about the companies involved, such as location, website URLs, and where the majority of their team operates from.
VPNs - If the majority of the technical and senior staff are based in a specific country, then that is considered their "based" location. We reference where the company is officially registered and use that to base their tax information.
Corporations - Many of the corporations listed here do not provide a simple insight into where they may be located. Here, we have surmised where a corporate entity is based using the location of key C-suite staff members.
Want to chat? Need a source? Do you have gushing praise or hate for it? Let me know at [email protected] or on Twitter @SobeyHarker.