From PC Mag: Using a virtual private network (VPN) is meant to help keep you safe and anonymous online, but what happens if that VPN gets hacked? In the case of LimeVPN, it means over 69,000 users have had their personal information stolen and put up for sale to the highest bidder.
As PrivacySharks reports, LimeVPN confirmed that its backup server was hacked and its website is down. If you attempt to visit the website, it's likely to be blocked by your security software warning of a trojan, so best not to try. PrivacySharks also talked to the hacker who allegedly breached the server, who confirmed they also took the website offline and initially gained access through a security hole.
All of LimeVPN's customers are now at risk because the backup server included a database of their details including username, email address, and password alongside payment information. LimeVPN uses the Web Hosting Billing and Automation service known as WHMCS to handle payments. Also of serious concern is the fact the hacker claims to hold the private key of every user, meaning any traffic passing through LimeVPN can potentially be decrypted.
The records held by the hacker are thought to be for more than 69,400 customers. A user called slashx initially listed the database for sale on the RaidForums a few days ago for $400 in Bitcoin. However, at the time it was thought only 10,000 records had been grabbed. With the total now closer to 70,000, a "much higher price" has apparently been set.
View: Full Article
