It's important to be aware of the privacy related incidents & gag orders that have been known to occur. Keep your data & privacy safe by learning the truth. Learn about the various incidents that have taken place & how to prevent them in the future.
Nov 2022, LastPass security incident: "We have determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers’ information." Source
Aug 2022, LastPass security incident: A third-party gained unauthorised access to portions of their development environment, source code, and technical information through a single compromised developer account. Source
2021, LastPass third-party trackers and security incident: Android app contained third-party trackers. Also, at the end of 2021, an article at the site BleepingComputer reported that LastPass users were warned that their master passwords were compromised. Source
2021, ProtonMail: ProtonMail logged IP address of French activist after an order by Swiss authorities. Source
2021, WindScribe VPN: Servers were not encrypted as they should have been allowing MITM attacks by authorities. Source
2021, DoubleVPN: Servers, logs, and account info seized by law enforcement. Source
2021, Tutanota Email: Forced to monitor two user accounts for three months implicated in a blackmail case. Source
Transparency Report & Warrant Canary for the secure email service Tutanota
2019, LastPass security incident: Affected the LastPass browser extension. Web sites with malicious JavaScript code could obtain a username and password inserted by the password manager on the previously visited site. Source
2017, LastPass security incident: Vulnerability in LastPass Chrome extension and allowing remote code execution from a malicious website. Source
2017, PureVPN: Forced to disclose information of one user to the FBI. Source
2016, LastPass security incident: Malicious websites were able to read plaintext passwords for arbitrary domains from user's vault. Source
2015, LastPass security breach: Account email addresses, password reminders, server per user salts, and authentication hashes were compromised; however, encrypted user vault data had not been affected. Source
2014, EarthVPN: User was arrested based on logs provider to the Dutch Polic because of a bomb hoax. Source
2013, Lavabit Email: Secure E-Mail provider Lavabit shuts down after fighting a secret gag order. Source
2011, LastPass security incident: All users requested to change their master passwords. Yet no evidence that customer information was compromised. Source
2011, HideMyAss VPN: User was de-anonymized, and logs were provided to the FBI in a labeled "LulzSec fiasco". Source
The number of privacy-related incidents reported by networking companies and governments keeps increasing. With these incidents in mind, we have compiled a list of known privacy-related incidents that have impinged upon individual privacy and security.
Privacy tools listed on this page are all open-source unless marked otherwise: Criteria.
Based in The Netherlands. Operating since 2018. Obfuscated, RAM-only servers. Audited by a reputable German cybersecurity firm, Cure53. Currently, 82% off + 2 months FREE.