v19.84 secure
Privacy Incidents
Privacy Incidents

Known Privacy Related Incidents & Gag Orders to Date

It's important to be aware of the privacy related incidents & gag orders that have been known to occur. Keep your data & privacy safe by learning the truth. Learn about the various incidents that have taken place & how to prevent them in the future.

Nov 2022, LastPass security incident: "We have determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers’ information." Source

Aug 2022, LastPass security incident: A third-party gained unauthorised access to portions of their development environment, source code, and technical information through a single compromised developer account. Source

2021, LastPass third-party trackers and security incident: Android app contained third-party trackers. Also, at the end of 2021, an article at the site BleepingComputer reported that LastPass users were warned that their master passwords were compromised. Source

2021, ProtonMail: ProtonMail logged IP address of French activist after an order by Swiss authorities. Source

2021, WindScribe VPN: Servers were not encrypted as they should have been allowing MITM attacks by authorities. Source

2021, DoubleVPN: Servers, logs, and account info seized by law enforcement. Source

2021, Tutanota Email: Forced to monitor two user accounts for three months implicated in a blackmail case. Source

Transparency Report & Warrant Canary for the secure email service Tutanota

2019, LastPass security incident: Affected the LastPass browser extension. Web sites with malicious JavaScript code could obtain a username and password inserted by the password manager on the previously visited site. Source

2017, LastPass security incident: Vulnerability in LastPass Chrome extension and allowing remote code execution from a malicious website. Source

2017, PureVPN: Forced to disclose information of one user to the FBI. Source

2016, LastPass security incident: Malicious websites were able to read plaintext passwords for arbitrary domains from user's vault. Source

2015, LastPass security breach: Account email addresses, password reminders, server per user salts, and authentication hashes were compromised; however, encrypted user vault data had not been affected. Source

2014, EarthVPN: User was arrested based on logs provider to the Dutch Polic because of a bomb hoax. Source

2013, Lavabit Email: Secure E-Mail provider Lavabit shuts down after fighting a secret gag order. Source

2011, LastPass security incident: All users requested to change their master passwords. Yet no evidence that customer information was compromised. Source

2011, HideMyAss VPN: User was de-anonymized, and logs were provided to the FBI in a labeled "LulzSec fiasco". Source

The number of privacy-related incidents reported by networking companies and governments keeps increasing. With these incidents in mind, we have compiled a list of known privacy-related incidents that have impinged upon individual privacy and security.

Privacy tools listed on this page are all open-source unless marked otherwise: Criteria.

VPN with a 82% Discount

VPN that Supports Unlimited Devices: Surfshark (82% off)
Audited Win Mac Linux Android iOS Bitcoin Firefox Chrome

Based in The Netherlands. Operating since 2018. Obfuscated, RAM-only servers. Audited by a reputable German cybersecurity firm, Cure53. Currently, 82% off + 2 months FREE.