v19.84 secure
a

Privacy Tools

Known Privacy Related Incidents & Gag Orders to Date

The most reliable source for privacy tools since 2015. Software, services and privacy guides to fight surveillance with encryption for better internet privacy.

Nov 2022, LastPass security incident: "We have determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers’ information." Source

Aug 2022, LastPass security incident: A third-party gained unauthorised access to portions of their development environment, source code, and technical information through a single compromised developer account. Source

2021, LastPass third-party trackers and security incident: Android app contained third-party trackers. Also, at the end of 2021, an article at the site BleepingComputer reported that LastPass users were warned that their master passwords were compromised. Source

2021, ProtonMail: ProtonMail logged IP address of French activist after an order by Swiss authorities. Source

2021, WindScribe VPN: Servers were not encrypted as they should have been allowing MITM attacks by authorities. Source

2021, DoubleVPN: Servers, logs, and account info seized by law enforcement. Source

2021, Tutanota Email: Forced to monitor two user accounts for three months implicated in a blackmail case. Source

Transparency Report & Warrant Canary for the secure email service Tutanota

2019, LastPass security incident: Affected the LastPass browser extension. Web sites with malicious JavaScript code could obtain a username and password inserted by the password manager on the previously visited site. Source

2017, LastPass security incident: Vulnerability in LastPass Chrome extension and allowing remote code execution from a malicious website. Source

2017, PureVPN: Forced to disclose information of one user to the FBI. Source

2016, LastPass security incident: Malicious websites were able to read plaintext passwords for arbitrary domains from user's vault. Source

2015, LastPass security breach: Account email addresses, password reminders, server per user salts, and authentication hashes were compromised; however, encrypted user vault data had not been affected. Source

2014, EarthVPN: User was arrested based on logs provider to the Dutch Polic because of a bomb hoax. Source

2013, Lavabit Email: Secure E-Mail provider Lavabit shuts down after fighting a secret gag order. Source

2011, LastPass security incident: All users requested to change their master passwords. Yet no evidence that customer information was compromised. Source

2011, HideMyAss VPN: User was de-anonymized, and logs were provided to the FBI in a labeled "LulzSec fiasco". Source

The number of privacy-related incidents reported by networking companies and governments keeps increasing. With these incidents in mind, we have compiled a list of known privacy-related incidents that have impinged upon individual privacy and security.

Buy and Swap Cryptocurrency Anonymously

StealthEX: Supports Privacy Cryptocurrencies
No KYC required Bitcoin Monero

No registration or account needed. 450+ coins and tokens are available for quick and easy exchanges. Data privacy and security is a top priority for StealthEX, all swaps are non-custodial.

Privacy tools listed on this page are all open-source unless marked otherwise: Criteria.