Biggest VPN Scandals – Hola, Hotspot Shield, Hidemyass (Lulsec)

The Biggest VPN Scandals

Every relationship is built on trust. As a consumer, you trust that the product you are buying does what it says and that everything that company writes in its marketing is true up to a point. Nonetheless, this article provides the Biggest VPN Scandals

When you use a VPN provider trust is crucial. You are paying for a company to safeguard your privacy. 

A big part of how a VPN provider safeguards your privacy can be found in their privacy statement, user statement as well as whether they keep logs.

The following scandals should be judged not on what the people who were brought to justice did. But, on what the companies promised they would do and then didn’t deliver on.

These are companies that have broken their user’s privacy when they had made grand statements about their 100% zero logs policy.

 

 

What Is A Zero Logs Policy?

VPN’s are built and destroyed by their zero logs policy. Every time you access their service and browse you are creating a log of actions.

Companies can choose to log this or have a zero logs policy.

Zero logs basically mean that they don’t keep a record of your online activities which could include:

• Your originating IP
• The IP’s and servers that you use
• Name, Email, and payment details
• Browsing history
• Data usage

This is all information that third-party advertisers would love to get their hands on. As well as law enforcement agencies.

VPN’s do not condone criminal activities, but if they sell a service promising zero logs then they need to deliver.

This simply means that whoever comes knocking for your data, gets turned away because there are zero logs to give them.

Some of the providers outlined were shown to be lying when they said they had a zero logs policy, which landed their users in hot water.

 

 

HideMyAss

HideMyAss find their selves top of our list for having not one but two scandals. In fact, if you check their site you will see they don’t have a zero logs policy, because they have been caught red-handed twice handing over user details to law enforcement agencies, that supposedly they weren’t meant to have.

Remember, zero logs mean there is nothing to give you. So, if I hand over a user’s logs, that means I have been logging your actions when I said to you I wouldn’t

2011, was the scene for possibly the biggest VPN scandal of all and was a watershed that showed people that their VPN provider may lie when they say you are 100% anonymous.

The LulzSec hackers were a high-profile group of international hackers who targeted several high-profile companies including Sony and Rupert Murdoch’s News Corporation and Fox.

They became infamous for launching massive DDOS (Denial of Service attacks) using botnets. One of the reasons why DDOS attacks are so well known today. A Botnet is a series of malware-infected computers that carry out thousands of requests per second against a target server. The server overloads bringing down the website.

SOCA compels HMA to hand over logs

After an attack on UK’s SOCA (Serious Organised Crime Agency), they requested logs from HideMyAss which they had tracked one of the users to. HideMyAss was not meant to have any logs but handed over the information requested which led to the arrest of one of Lulzsec’s members Ryan Cleary.

In 2016, Chris Dupuy a judge was arrested on charges of cyberstalking. However, when reporters dug into the subpoenas and court statements, they found out how Dupuy had been caught.

Dupuy has used HideMyAss’es premium service to mask his IP. He had then placed offensive adverts with his ex-girlfriends’ numbers on the popular escort website backpage.com. The fact that he had used servers only available to premium members, meant that HideMyAss couldn’t even claim that he used one of their free proxies.

As a UK provider, HideMyAss keeps extensive records and was again compelled under Federal Law to hand over records which led to Depuy’s arrest. These are just the publicized cases that we know about.

A sobering reminder that not every VPN provider is equal to another when it comes to logs and anonymity. Always make sure you read the privacy policy before signing up.

 

EarthVPN

If your check out their home page, EarthVPN give the following statement regarding having absolutely no logs:

“EarthVPN neither logs VPN usage nor user activity. Neither we nor third parties are technically able to match an IP address to an account. Under no circumstances we will provide any personal or private information to third parties.”

Cool. Where do we sign up?

However, we pretty sure they had the same statement up in 2013 when our next scandal took place.

In Holland, a bomb threat was anonymously made against a school. The Dutch police traced the threat back to one of EarthVPN’s servers and asked the company to provide any information they could about the user.

Now, because EarthVPN has no logs of the user’s VPN activity and can’t even match their IP address like the statement says above. They wouldn’t have anything to give.

Wrong.

EarthVPN coughed up the user’s connecting IP and the terrorist was swiftly apprehended. Again, this isn’t about the crime. It’s the principle. You are clearly logging something.

We should also talk a bit about that their shady past. EarthVPN’s website looks like it’s stuck in 1998. Plus, the Revolution Slider error on their WordPress-based website.

As well as being based in North Cyprus. A place that technically doesn’t exist, as it is under contention for decades between Greece and Turkey.

Also, they haven’t made an update on Facebook since 2015. Or been seen on Twitter since October 2013. Plus, there have been multiple reports from users that the customer service is pretty much non-existent.

Avoid at all costs. Not only will you get no logs, but you’ll get no service to boot.

 

HolaVPN

What could be better than a great VPN provider? A free one!

HolaVPN has made a massive name for itself as a free and premium VPN provider. They boast an enormous 186 million users. 

But behind their sunny little mascot lies a nefarious scheme, that touches on the biggest fears of every person who is scared about what can be done with their data online if left in the wrong hands.

Hola’s free VPN works by using a peer-to-peer VPN service. That basically means that if you are in the UK and want to access content in Japan, you can use a Tokyo user’s proxy and access that content. Great idea, right?

No. Not a great idea. Using proxies and having you on the computer used as a proxy puts you at the mercy of random users who may carry out malicious attacks on your computer.

Essentially this a giant free proxy network. Proxies are notorious with hackers and offer an unsecured solution to accessing content that is geographically blocked. But don’t worry. Hola VPN has secured your connection. What could go wrong?

 

Luminati.io Sells your Data

Well, turns out your free VPN service is selling your proxy and data to the highest bidder. Meet www.luminati the first thing you will notice is the striking resemblance that their logo bears to Hola VPN. It’s the same but blue.

As a company, you can buy 35 million + residential proxies. The same proxies you are using, the same proxy other people use when you sign up for their free service. 

What the actual… This is a trusted VPN provider which is selling your data in plain sight. Oh, but if I pay for a premium service then perhaps, they won’t sell my proxy.

Wrong. If you scrutinize Hola VPN’s privacy policy, you will see that they reserve the right to sell your data and browsing habits to third parties. Basically, giving your data to advertisers. Completely defeating the point of having a VPN in the first place.

Hola VPN is probably the biggest scandal of all. This is a company that purports to keep its users safe and protected, and basically uses its service like a giant data-mining operation. This is everything we hate about providers who take advantage of unsuspecting users and then take money from them as well as pocketing money from their data on the side.

The website http://adios-hola.org makes for great reading. Showing how Hola’s engineers have publicly lied about plugging vulnerabilities and fixing their system when on testing no such fixes were made. Even actively publishing updates that prevent security specialists from revealing how your data is being leaked. HolaVPN showing they are a botnet with no regard to individual privacy.

 

PureVPN

PureVPN is based out of Hong Kong with a reported 3 million+ users.

If you read through their privacy policy, you will see this:

“We do NOT keep any logs that can identify or help in monitoring a user’s activity.”

In 2017 that was proved not to be true.

The FBI arrested a man who was charged with cyberstalking his ex-girlfriend along with her friends and family. By not only sending malicious messages but also posting sexually explicit images of her online. A dirtbag for sure.

But, of interest was how the FBI was able to find Ryan Lin, the man accused in the first place. Lin had used Tor as well as a VPN service to carry out a persistent cyberstalking campaign on his poor ex-girlfriend.

The FBI tracked his IP address to a work computer which was unsecured and found out that he had used PureVPN. They requested all records relating to Ryan Lin.

Information that PureVPN handed over led to Lin’s arrest. So much for not logging anything. Being based in Hong Kong the company was not compelled to comply and wouldn’t have been able if they hadn’t been lying about not keeping any logs.

Since then the company has worked hard to work on its security and reputation, but when a VPN provider is found wanting over such a key statement in their privacy policy, you must wonder whether they would just do the same thing all over again.

 

OnavoVPN – Facebook

Facebook is the biggest threat to privacy, shortly followed by Google. They record absolutely everything you do. In fact, without you knowing the technology giant will track you on almost any site you go to. Just check your cookies and see that Facebook tracker.

Anybody with an ounce of common sense wouldn’t have touched OnavoVPN. Bought by Facebook in 2013. The application was pulled by Apple from its App Store in 2018 as mounting protests built up over Facebook’s flagrant abuse of the VPN.

Facebook essentially used Onavo as a data mining tool. They re-routed the traffic from Onavo through their own servers and recorded everything that a user was doing while they were using Onavo.

Funnily enough, if you search Onavo VPN on Google, it has mysteriously “disappeared”. You can’t find anything relating to it, until you add the word scandal and then see the litany of articles damning Facebook.

In the end, Facebook had reverted to paying users to use the service in return for signing a Non-Disclosure Agreement and allowing them to hoover up all your data.

Just another of Facebook’s bad data practices which finally got revealed in the Cambridge Analytica scandal, when a company was revealed to have bought the data of millions of Facebook users without their consent.

Safe to say, avoid Facebook like the plague and any products it’s associated with. They had promised to protect user’s data, and then buried in their terms and conditions used a small piece of text to use your data to improve Facebook.

 

Hotspot Shield

Hotspot Shield runs a similar business model to HolaVPN. With a free and premium service side by side. This alone should give you some cause for concern.

But this scandal was quite different from HolaVPN’s flagrant abuse of your computer and proxy.

In 2017 the Centre for Democracy and Technology lodged an official complaint with the Federal Trade Commission. In the 14-page document, they outlined that their extensive testing had revealed that Hot Spot Shield was redirecting consumer’s traffic to preferred advertisers who had paid for their service.

So, this VPN is even altering your traffic to lead you straight to websites you hadn’t for. Anchor Free who owns Hot Spot Shield answered the complaint is an incredibly vague way, making no explicit mention of redirecting traffic until a second later statement.

Their own CEO David Gorodyansky at the time said that “we never log or store user data”

Yet during many tests by the CDT, they found that Hot Spot Shield was extensively logging connections, browsing habits, and even the websites that were being visited by their users. They then inject persistent cookies into your browser to steer adverts from chosen third-party advertisers.

Instead of protecting you from malicious third parties, they are injecting cookies into your data.

Utterly outrageous.

Carnegie Mellon helped to carry out a more detailed investigation which found cookies being injected from MoPub, Quantcast, and of course the King of data breaches. Facebook.

Avoid Hot Spot Shield like the plague itself.

 

Tesonet Scandal

In 2018, Surfshark had a public blog stating that the allegations being laid against them were false.

These allegations related to the sustained rumor that Surfshark was acting like a botnet like HolaVPN, a company they had just ended a 3-year business relationship with that year. The nature of that relationship was unknown. Allegations were that Surfshark was operating a giant data-mining operation like HolaVPN.

A copyright law infringement suit followed between Tesonet and Luminati Networks. The parent companies behind Surfshark and HolaVPN. Within the legal documents was a purported conversation between the Hola CEO and Tesonet co-founder. That Tesonet was considering entering the residential proxy business. 

But where would they get the proxies from? If not from their own users.

Tesonet has also been linked to suspect business practices with another rival VPN provider. ProtonVPN. Thought ProtonVPN claimed they had nothing to do with TesoNet. One of their Directors is the CEO of Tesonet, their Android APK certificate is signed by Tesonet. Oh, and they use IP blocks assigned to Tesonet.

Originally these claims were made by a business rival, PIA (Private Internet Access) but the evidence uncovered does point to ProtonVPN being a part of Tesonet.

Now, we are not saying that you can’t trust Surfshark. Or that its no-logs policy is in doubt. But three scandals following each other, must be more than a coincidence, right?

This may be more a Tesonet problem than a Surfshark problem, but there is enough reasonable doubt floating around to make us a tad edgy.

 

Can You Trust Your VPN Provider?

So, after all the doom of gloom of those scandals. Companies lying. Stealing your data. Injecting cookies, and possibly just being one big botnet. Can we trust anybody?

Yes, you can trust Surfshark.

The one test of a company’s zero logs policy is whether they can hold their nerve when being investigated by law enforcement. After all, if you truly have no logs, then there is nothing for you to give the authorities.

So, let’s end on a brighter note

 

SurfShark – Best VPN To Use

When we talk about being the best, there are a lot of factors to consider. So when we start reviewing Surfshark, it seems to be a very impressive VPN. With a low price and top-notch security features, Surfshark VPN is really remarkable.

We tested out Surfshark based on speed, security, accessibility, and other features. We also check the price, network, device compatibility, and more. All we can say is that this is something that we would recommend.

Surfshark is becoming a very popular VPN today in spite of being new in the industry. It has received a lot of great reviews from its users and was able to establish a good brand for itself.

Learn all of SurfShark’s word-class features as we continue to discuss them in this article.

 

How to Install Surfshark VPN on Firestick

If your Firestick still has the older interface, read this article to learn how to update it: Update Firestick Interface.

Follow our screenshots below to install the SurfShark VPN app on your Fire TV stick.

1. Go to the Home screen of your Firestick.

 

2. Navigate towards the Find tab. Press the Search button from the resulting dropdown.

 

3. Type in the keyword of SurfShark and select from the suggestions that will appear.

 

4. Click the official SurfShark icon from your search results.

 

5. Press the Download (You own it) button.

 

6. The SurfShark VPN installer will download on your device.

 

7. SurfShark VPN’s app will automatically install itself on your Fire TV stick.

 

8. Press the Open button after completing SurfShark VPN’s installation process.

 

9. Please wait for the SurfShark VPN to load its user interface.

 

10. You can now log in with your SurfShark VPN account credentials.

Learn more about Surfshark and Grab the Best Surfshark Deal Now!

 

Install Surfshark on Firestick

Best Surfshark Deal

 

 

For more VPN discounts, go to ReviewVPN Deals and purchase the best VPN for you.

Click here to get the lowest price on Surfshark through our exclusive limited-time offer.

 

IPVanish

IPVanish is one of the largest and most trusted VPN providers in the industry. Their name is synonymous with security, privacy, and reliability. Nonetheless, a great VPN service, such as IPVanish, is an awesome security tool that protects people’s connections to the web. A VPN offers an encryption protocol to safeguard people’s data and conceal their IP addresses to keep anonymity. For example, you can be in Canada, but the Virtual Private Network can make it seem to look like you are browsing from the United States.

 

ExpressVPN

A Russian ambassador was assassinated in Turkey in 2016. The case attracted international media attention. Turkish authorities following a lead seized a number of Express VPN’s servers. The servers were returned intact a few weeks later. The Turkish authorities had gained nothing from the servers.

Why?

Because the company didn’t keep any logs. Zip. Zero. Nada.

ExpressVPN came out squeaky clean. This famous case is the reason why many rate ExpressVPN as the best and most dependable VPN provider in the world.

 

Perfect Privacy

In the same year, Perfect Privacy had one of its servers seized in the Netherlands for no given reason. Only to be returned intact and breach-free.  Perfect Privacy stores all data on encrypted RAM discs. Your logs cannot be accessed on their hard drives.

 

Private Internet Access

PIA proved their no logs claim, not once, but twice.

In two cases in 2016 and 2018, PIA had logs requested from them as part of an ongoing criminal investigation.

Their response?

A coy smile and a shrug of the shoulders. They simply stated that they had no logs to provide the investigation with any information. PIA stated they could only confirm the IP was from the US East Coast in the 2016 case.

So, there you have it. The sad truth is that the scandals far outweigh the success stories for VPN providers. But there are companies out there you can trust. We hope this piece ends on a bright note. Don’t lose faith in VPN companies. Like any industry, there are going to be bad apples who don’t do what they say. But there are a lot of companies out there who you can trust to take your anonymity and privacy seriously.