Hacker obtains data on thousands of VPN users

News
By published

User records from a popular no-logs VPN service were obtained following a data breach

Hacker Typing
(Image credit: Shutterstock)

A hacker has managed to steal the entire contents of a VPN provider's website server and they are currently in the process of trying to sell thousands of user records on a popular hacker forum.

As reported by the privacy-focused review site PrivacySharks, the no-logs VPN service LimeVPN has fallen victim to a massive data breach that puts more than 69,000 users of its service at risk.  A hacker who goes by the handle 'slashx' recently posted on RaidForums advertising the fact that they had obtained LimeVPN's entire database and wanted to sell it for $400 in Bitcoin. 

TechRadar needs you!

We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.

>> Click here to start the survey in a new window <<

PrivacySharks then contacted slashx to learn more about the breach and its researchers discovered that the scraped data from the VPN provider's website includes records from its WHMCS billing system as well as account details including usernames, email addresses and passwords.

The hacker also told PrivacySharks that they are in possession of the private keys of every LimeVPN user which means they can easily decrypt each user's traffic.

LimeVPN data breach

In order to gain new customers and retain their current customers, VPN providers must reassure users that their data will remain private and secure when using their services. In this instance though, LimeVPN's image is now in question as the company had its entire database scraped as the result of a security breach.

At the same time though, LimeVPN's no-logs policy will also likely face additional scrutiny because if the company didn't keep logs on its users, then why was a hacker able to obtain them from its site. This is why ExpressVPN, NordVPN and many of the other top VPN providers in the industry have undergone independent audits to backup the claims of their no logging policies.

Just as PrivacySharks reached out to LimeVPN for a comment on its recent data breach, so too did TechRadar Pro and we were also unsuccessful at getting in touch with someone from the company. Additionally, in the time since PrivacySharks published its blog post on the matter, LimeVPN's website went down and slashx is now selling the company's entire website backup at a much higher price.

While contacting LimeVPN may have been an option for the company's customers at the onset of the breach, PrivacySharks now recommends that users change their passwords, order a new credit card and consider investing in identity theft protection.

We'll likely hear more regarding this data breach once LimeVPN releases an official statement on the matter which could take some time as the company's site is still down at the time of writing.

Via PrivacySharks

Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Read more
No broadband network
Massive online data breach sees 2.7 billion records leaked - here's what we know
Someone holding a passport with two boarding passes inside it
Top digital loan firm security slip-up puts data of 36 million users at risk
Representational image of data security
Travel data of almost 500,000 users exposed in Daytrip leak
Cartoon Phishing
One of the largest data leaks ever sees info on 1.5 billion people leaked online
Suitcase next to a bed in a hotel
Millions of hotel users see personal info checked out in huge data leak
A man looking at a tablet with a brown Best Buy package on the desk in front of him
Huge Christmas data breach - 14 million shipping records leaked, putting shoppers at risk
Latest in VPN Privacy & Security
Close up of PS5 DualSense controller leaning on a PS5
5 reasons your PS5 needs a VPN
Tor
What is Onion over VPN?
In this photo illustration a Google Play logo seen displayed on a smartphone.
Why is there so much spyware hidden in the Play Store?
PrivadoVPN running on an iPhone during TechRadar&#039;s VPN tests
Why PrivadoVPN Free is still the best free VPN for streaming
Homepage of CloudFlare website on the display of PC, url - CloudFlare.com.
"Network blocking is never going to be the solution" – Cloudflare slams anti-piracy tactics
Panels at RightsCon 2025 during a press briefing about the latest Access Now report of internet shutdowns
2024 was the worst year on record for internet freedoms – again
Latest in News
Super Mario Odyssey
ChatGPT is the ultimate gaming tool - here's 4 ways you can use AI to help with your next playthrough
Brad Pitt looks over his right shoulder with &#039;F1&#039; written behind him
Apple Original Films will take you behind-the-scenes of a racing cockpit in this new thrilling F1 movie trailer
AI writer
Coding AI tells developer to write it himself
Reacher looking down at another character from the Prime Video TV series Reacher
Reacher season 3 becomes Prime Video’s biggest returning show thanks to Hollywood’s biggest heavyweight
Finger Presses Orange Button Domain Name Registration on Black Keyboard Background. Closeup View
I visited the world’s first registered .com domain – and you won’t believe what it’s offering today
Image showing detail of the Leica D-Lux 8
Still can't get a Fujifilm X100VI? This premium Leica compact costs less, and it's in stock
More about vpn privacy security
Close up of PS5 DualSense controller leaning on a PS5

5 reasons your PS5 needs a VPN
Tor

What is Onion over VPN?
A hand reaching out to touch a futuristic rendering of an AI processor.

Researchers want to embrace Arm's celebrated paradigm for a universal generative AI processor; a puzzling MEGA.mini core architecture

See more latest
Most Popular
A hand reaching out to touch a futuristic rendering of an AI processor.
Researchers want to embrace Arm's celebrated paradigm for a universal generative AI processor; a puzzling MEGA.mini core architecture
Finger Presses Orange Button Domain Name Registration on Black Keyboard Background. Closeup View
I visited the world’s first registered .com domain – and you won’t believe what it’s offering today
Super Mario Odyssey
ChatGPT is the ultimate gaming tool - here's 4 ways you can use AI to help with your next playthrough
Nokia 5G 360 Camera
This is the world's first 8K 5G 360 degrees camera - and it is also weatherproof
AI writer
Coding AI tells developer to write it himself
Data Breach
Thousands of healthcare records exposed online, including private patient information
Brad Pitt looks over his right shoulder with &#039;F1&#039; written behind him
Apple Original Films will take you behind-the-scenes of a racing cockpit in this new thrilling F1 movie trailer
Google Messages update
Google Messages could soon follow WhatsApp with an upgrade that makes it much easier to join group chats
Reacher looking down at another character from the Prime Video TV series Reacher
Reacher season 3 becomes Prime Video’s biggest returning show thanks to Hollywood’s biggest heavyweight
Nvidia RTX 6000
Details of Nvidia's fastest video card ever leak; RTX Pro 6000 Blackwell GPU will have 96GB GDDR7 ECC memory