Cybercriminals on a popular hacker forum have posted a database containing sensitive information of over 16,000 users of the now-defunct proxy website buypersonalproxy.com.
Yesterday, on a popular hacker forum, cybercriminals posted a database that allegedly contains extremely sensitive details of around 16,000 customers of the proxy service buypersonalproxy.com.
The hackers claim that the data includes information such as full names, email addresses, PayPal email addresses, payment methods used, and most importantly, plain text passwords.
While only a relatively small number of people seem to have been affected, the fact that plain text passwords were leaked could also cause serious issues for victims.
After evaluating some of the samples provided, Privacy Affairs analysts believe that the leak appears authentic.
The hacker or hackers in question have posted this information for free, meaning that the database will very likely end up in the hands of many cybercriminals.
We believe security online security matters and its our mission to make it a safer place.
In case the affected users have used their real identity on the proxy website, then this breach could seriously affect their privacy.
Assuming that the affected users have used the proxy service for less than legal activities, then this could result in their activity being exposed to authorities.
The users in question may be identified based on logs and activity patterns that could now be tied to their real names and email addresses.
In case victims have used the same password and email address for other online accounts as well, hackers may now be able to breach those accounts.
This could include personal email addresses and in some cases even online financial wallets and payment processors.
Affected users are advised to immediately change any login details on any website or app that uses the same credentials as their password on buypersonalproxy.com.
While “only” (considering most such data breaches can affect millions of people) a relatively small number of individuals was affected, this breach again shows that using proxy services, whether free or paid, is always a bad idea.
Proxy services (especially free proxies) are notoriously a privacy nightmare. A lot of such services are known to log users’ data and sell them to third parties, sometimes even hackers.
And as we can see from this breach, they usually also have terrible security and even store passwords in plain text.
Most of these services are also completely unknown and aren’t operated by trusted businesses or individuals.
While not all VPNs are always safe and secure, to date no major reputable VPN provider has been breached by hackers resulting in the personal data of users being leaked online. As such, using a trusted VPN is always more secure than using a proxy service.