• Skip to main content
  • Skip to header right navigation
  • Skip to site footer
Restore Privacy

Restore Privacy

Resources to stay safe and secure online

  • News
  • Tools
    • Secure Browser
    • VPN
    • Ad Blocker
    • Secure Email
    • Private Search Engine
    • Data Removal
      • Incogni Review
    • Password Manager
    • Secure Messaging App
    • Tor
    • Identity Theft Protection
    • Unblock Websites
    • Privacy Tools
  • Email
    • Secure Email
    • ProtonMail Review
    • Tutanota Review
    • Mailfence Review
    • Mailbox.org Review
    • Hushmail Review
    • Posteo Review
    • Fastmail Review
    • Runbox Review
    • CTemplar Review
    • Temporary Disposable Email
    • Encrypted Email
    • Alternatives to Gmail
  • VPN
    • What is VPN
    • VPN Reviews
      • NordVPN Review
      • Surfshark VPN Review
      • VyprVPN Review
      • Perfect Privacy Review
      • ExpressVPN Review
      • CyberGhost Review
      • AVG VPN Review
      • IPVanish Review
      • Hotspot Shield VPN Review
      • ProtonVPN Review
      • Atlas VPN Review
      • Private Internet Access Review
      • Avast VPN Review
      • TorGuard Review
      • PrivadoVPN Review
    • VPN Comparison
      • NordVPN vs ExpressVPN
      • NordVPN vs PIA
      • IPVanish vs ExpressVPN
      • CyberGhost vs NordVPN
      • Surfshark vs NordVPN
      • IPVanish vs NordVPN
      • ExpressVPN vs PIA
      • VyprVPN vs NordVPN
      • CyberGhost vs ExpressVPN
      • NordVPN vs HideMyAss
      • ExpressVPN vs ProtonVPN
      • Atlas VPN vs NordVPN
      • ExpressVPN vs Surfshark
      • NordVPN vs Proton VPN
      • Surfshark vs CyberGhost
      • Surfshark vs IPVanish
    • Best VPNs
      • Best VPN for Torrenting
      • Best VPN for Netflix
      • Best Free VPN
      • VPN for Firestick TV
      • Best VPN for Android
      • Best VPN for Gaming
      • Best VPN for PC
      • Best VPN for Disney Plus
      • Best VPN for Hulu
      • Best VPN for Mac
      • Best VPN for Streaming
      • Best VPN for Windows
      • Best VPN for iPhone
    • VPN Coupons
      • ExpressVPN Coupon
      • NordVPN Coupon
      • Cyber Monday VPN Deals
      • NordVPN Cyber Monday
      • Surfshark VPN Cyber Monday
      • ExpressVPN Cyber Monday
    • VPN Guides
      • Free Trial VPN
      • Cheap VPNs
      • Static IP VPN
      • VPN Ad Blocking
      • No Logs VPN
      • Best VPN Chrome
      • Best VPN Reddit
      • Split Tunneling VPN
      • VPN for Binance
      • WireGuard VPN
      • VPN for Amazon Prime
      • VPN for Linux
      • VPN for iPad
      • VPN for Firefox
      • VPN for BBC iPlayer
    • By Country
      • Best VPN Canada
      • Best VPN USA
      • Best VPN UK
      • Best VPN Australia
      • VPN for Russia
    • VPN Router
  • Password
    • Best Password Managers
    • Comparisons
      • NordPass vs 1Password
      • 1Password vs LastPass
      • NordPass vs LastPass
      • RoboForm vs NordPass
      • 1Password vs Bitwarden
      • Dashlane vs NordPass
      • 1Password vs Dashlane
      • NordPass vs Bitwarden
    • KeePass Review
    • NordPass Review
    • 1Password Review
    • Dashlane Review
    • RoboForm Review
    • LastPass Review
    • Bitwarden Review
    • Strong Password
  • Storage
    • Best Cloud Storage
    • pCloud Review
    • Nextcloud Review
    • IDrive Review
    • SpiderOak Review
    • Sync.com Review
    • MEGA Cloud Review
    • NordLocker Review
    • Tresorit Review
    • Google Drive Alternatives
  • Messenger
    • Secure Messaging Apps
    • Signal Review
    • Telegram Review
    • Wire Review
    • Threema Review
    • Session Review
  • Info
    • Mission
    • Press
    • Contact
  • News
  • Tools
    • Secure Browser
    • VPN
    • Ad Blocker
    • Secure Email
    • Private Search Engine
    • Data Removal
      • Incogni Review
    • Password Manager
    • Secure Messaging App
    • Tor
    • Identity Theft Protection
    • Unblock Websites
    • Privacy Tools
  • Email
    • Secure Email
    • ProtonMail Review
    • Tutanota Review
    • Mailfence Review
    • Mailbox.org Review
    • Hushmail Review
    • Posteo Review
    • Fastmail Review
    • Runbox Review
    • CTemplar Review
    • Temporary Disposable Email
    • Encrypted Email
    • Alternatives to Gmail
  • VPN
    • What is VPN
    • VPN Reviews
      • NordVPN Review
      • Surfshark VPN Review
      • VyprVPN Review
      • Perfect Privacy Review
      • ExpressVPN Review
      • CyberGhost Review
      • AVG VPN Review
      • IPVanish Review
      • Hotspot Shield VPN Review
      • ProtonVPN Review
      • Atlas VPN Review
      • Private Internet Access Review
      • Avast VPN Review
      • TorGuard Review
      • PrivadoVPN Review
    • VPN Comparison
      • NordVPN vs ExpressVPN
      • NordVPN vs PIA
      • IPVanish vs ExpressVPN
      • CyberGhost vs NordVPN
      • Surfshark vs NordVPN
      • IPVanish vs NordVPN
      • ExpressVPN vs PIA
      • VyprVPN vs NordVPN
      • CyberGhost vs ExpressVPN
      • NordVPN vs HideMyAss
      • ExpressVPN vs ProtonVPN
      • Atlas VPN vs NordVPN
      • ExpressVPN vs Surfshark
      • NordVPN vs Proton VPN
      • Surfshark vs CyberGhost
      • Surfshark vs IPVanish
    • Best VPNs
      • Best VPN for Torrenting
      • Best VPN for Netflix
      • Best Free VPN
      • VPN for Firestick TV
      • Best VPN for Android
      • Best VPN for Gaming
      • Best VPN for PC
      • Best VPN for Disney Plus
      • Best VPN for Hulu
      • Best VPN for Mac
      • Best VPN for Streaming
      • Best VPN for Windows
      • Best VPN for iPhone
    • VPN Coupons
      • ExpressVPN Coupon
      • NordVPN Coupon
      • Cyber Monday VPN Deals
      • NordVPN Cyber Monday
      • Surfshark VPN Cyber Monday
      • ExpressVPN Cyber Monday
    • VPN Guides
      • Free Trial VPN
      • Cheap VPNs
      • Static IP VPN
      • VPN Ad Blocking
      • No Logs VPN
      • Best VPN Chrome
      • Best VPN Reddit
      • Split Tunneling VPN
      • VPN for Binance
      • WireGuard VPN
      • VPN for Amazon Prime
      • VPN for Linux
      • VPN for iPad
      • VPN for Firefox
      • VPN for BBC iPlayer
    • By Country
      • Best VPN Canada
      • Best VPN USA
      • Best VPN UK
      • Best VPN Australia
      • VPN for Russia
    • VPN Router
  • Password
    • Best Password Managers
    • Comparisons
      • NordPass vs 1Password
      • 1Password vs LastPass
      • NordPass vs LastPass
      • RoboForm vs NordPass
      • 1Password vs Bitwarden
      • Dashlane vs NordPass
      • 1Password vs Dashlane
      • NordPass vs Bitwarden
    • KeePass Review
    • NordPass Review
    • 1Password Review
    • Dashlane Review
    • RoboForm Review
    • LastPass Review
    • Bitwarden Review
    • Strong Password
  • Storage
    • Best Cloud Storage
    • pCloud Review
    • Nextcloud Review
    • IDrive Review
    • SpiderOak Review
    • Sync.com Review
    • MEGA Cloud Review
    • NordLocker Review
    • Tresorit Review
    • Google Drive Alternatives
  • Messenger
    • Secure Messaging Apps
    • Signal Review
    • Telegram Review
    • Wire Review
    • Threema Review
    • Session Review
  • Info
    • Mission
    • Press
    • Contact

UPDATED: Here’s What Really Happened with the LimeVPN Hack

June 29, 2021 By Sven Taylor — 8 Comments
LimeVPN data breach hack

UPDATE July 2, 2021: Numerous false reports are circulating online about the LimeVPN hack, including the total customer size, financial data, and the live site being “hacked”. We have been in contact with both the hacker and LimeVPN since the hack was first announced on a hacker forum and have only reported what we could verify. Below are corrections to some of the false reports circulating online now, with exclusive statements obtained from LimeVPN today.

LimeVPN has also posted an update on the situation here.

1. What was hacked exactly?

When we first analyzed all available data on June 29th, we could identify usernames and passwords in cleartext, as well as transaction data (but no credit cards or sensitive billing information). The hacker claimed to have hacked LimeVPN’s backup database only (not the live website or live VPN server nodes).

Here’s is further clarification that LimeVPN sent us today:

We had an old backup server which was intend to move our billing system into a new server which was not active past few months. The leak seems to have happened in that server.

The only information that is stored in whmcs (our billing system) is a customers name/email/address (if they provide one).  We do not and have never stored or logged any payment information. No credit cards are stored as well. 

Secondly, this is restricted to billing system alone and our VPN nodes are not impacted. Our VPN node infra is secluded from our web app infra. 

– LimeVPN statement to RestorePrivacy July 2, 2021

2. 800 LimeVPN users, not 69,400+

In our original report, we noted that the hacker claimed to have credentials for around 10,000 LimeVPN accounts. In his hacker forum post, he claimed 10,000, and in encrypted messages to us, he claimed the number was closer to 12,000.

Today, there are numerous reports circulating about 69,400+ LimeVPN customers, with this screenshot as “evidence”. We also obtained this information from the hacker a few days ago, but were able to see that:

  • The number is actually 694,071, not 69,400.
  • This is just an activity log of customer interactions, which is common with customer support management systems. It is not the total userbase of LimeVPN.

LimeVPN does not have 69,400 users and the hacker never claimed to have data on 69,400 users. To further clarify, LimeVPN provided us with this statement:

The total no of live accounts on these nodes are less than 800. And most of other data is related to our old orders (and they are not necessarily customers). So the backup, even if it had impacted any of the current user, its less than 800.

We have reset all access credentials, shut down wire guard servers and separating our billing infra from marketing info.

The screenshot is of the activity log. (It is not the no of users).

– LimeVPN statement to RestorePrivacy July 2, 2021

3. LimeVPN’s website was not hacked

We are also woke up today to see numerous reports of LimeVPN’s website was down and it had been “hacked” by the same threat actor who gained access to the old database. But neither the hacker nor LimeVPN ever claimed to have hacked the website.

We reached out to LimeVPN for comment and they had this to say:

As with our website, it has been having frequent ionode excess issue due to high traffic past 30 days. This is not related to this event.  And finally there is no impact on VPN security the infra is seperated and has no impact.  There is no way someone can map a user email to a live server session as these are not on any of these infra. We do not log any web sessions as well.  

– LimeVPN statement to RestorePrivacy July 2, 2021

4. About 25 WireGuard keys for beta testing (not all private keys)

In our interactions with the hacker, he also claimed to have private keys for all LimeVPN users. According to LimeVPN, however, this is also incorrect and these were only about 25 keys for testing WireGuard with a few users:

The keys which is being referred are wireguard keys which was under beta testing.  So there are less than 25 users who are using this and this was already suspended as soon as the information was made aware to us. This was a new feature we intended to launch shortly. 

We have reset all access credentials, shut down wire guard servers and separating our billing infra from marketing info.

– LimeVPN statement to RestorePrivacy July 2, 2021

Note that WireGuard is a unique VPN protocol in that it uses keys for identification and encryption, while OpenVPN uses certificates. (See more in our explanation of WireGuard VPN.)

5. Transaction data (not sensitive financial data) was obtained by the hacker

In our original report, we noted that we could only see transaction data, which did not include sensitive financial information like credit card numbers or banking details. LimeVPN has corroborated this with the following statement:

There is no credit card / payment data. The only data is name/email/address along with the transaction id, amount and payment method. (This is auto logged by whmcs). We do not / never billed credit card on our internal systems.  The only update we receive/log is transaction ids .  Hence credit card leak is not true.

We were curious how the hacker had transaction data from as recent as June 30th, when LimeVPN had claimed this was from a months-old backup database. We posed the question to LimeVPN and they provided us with this explanation:

There is a API admin user which was on WHMCS which had access to the live updates. This API was the interaction between our order page and WHMCS. So when backup was leaked, this API credential was also leaked. This updates the order information between main website and WHMCS . (name, email, order id, payment method) . No payment is handled at our end. We only receive a webhook notification from gateway.

We have suspended the API access as well.  As a precaution and to reassure users, we will be shutting down our current live server and migrate our live site to a new server with a new billing server deployed tonight.

– LimeVPN statement to RestorePrivacy July 2, 2021

6. What passwords were breached?

In the hacker’s original post, he claimed to have usernames and passwords for 10,000 VPN accounts, with the passwords stored in cleartext, and provided us with a few screenshots for verification. While we could have downloaded a LimeVPN client and tested the credentials on live servers, we felt this was an ethical line we did not want to cross.

However, today we have finally gotten more information on these passwords from LimeVPN:

As far as access credentials are concerned, whmcs stores all passwords in secure hash.

The only password that was leaked is VPN connection password which was immediately suspended as well. This password is autogenerated and customers cannot set these so its unlikely any customer could be reused this anywhere.

The whmcs client area logins are secured.

– LimeVPN statement to RestorePrivacy July 2, 2021

7. Overview of the hack

Now that we have obtained more information from LimeVPN today, it appears that the hack is less significant than it is being made out to be by both the hacker and various news outlets. And after examining all evidence from the hacker and obtaining updated statements from LimeVPN, it looks like the hack did not affect the live VPN environment, but rather just a backup server.

Nonetheless, this backup server was still enough to obtain the following records:

  • LimeVPN usernames and emails
  • VPN transaction information (but no sensitive financial data)
  • Other internal records

We’ll keep an eye on the situation and continue to update this article with more information. Below is our original report, with corrections and updates based on new information we obtained from LimeVPN today.


Millions of people around the world use VPN services to achieve higher levels of privacy and security. Normally, this is a good idea, especially if you are using a high-quality VPN that has passed independent security audits. But as with everything in life, there are exceptions to the rule. Enter LimeVPN.

Earlier today (June 29, 2021), a hacker posted an ad on RaidForums to sell all of the data he obtained from hacking LimeVPN. As you can see in our screenshot below, the hacker is offering the full database of the VPN provider, including credentials from all registered users (email and password), along with billing and transaction information.

LimeVPN hacked

We examined the data sample on the forum and then reached out to the hacker for more information to write this report. The seller, who goes by “slashx” on the hacker forum, is asking only $400 for the complete data set, which includes:

  • Credentials for all 10,000+ LimeVPN users (email address and passwords)
  • Transaction records from WHMCS (the billing management systems used by LimeVPN)
  • Internal VPN databases and records

We reached out to the hacker and were able to get more information, including the scope and impact of this data breach. He provided us with screenshots and samples of the data for sale.

LimeVPN hack data breach for sale

When pressed for details on how he obtained access to LimeVPN’s system, the hacker would not elaborate. However, he did say, “I hack for a living” and claims to have the entire database from LimeVPN. This was the screenshot posted to RaidForums, showing a sample of some of the files in the LimeVPN database:

LimeVPN database hacked and sold online

Now we will break down each aspect of this hack and how it affects LimeVPN users.

Credentials for LimeVPN users

In the original advertisement, the hacker claims to have login credentials for 10,000 users. In further correspondence, he told us that the number is closer to 12,000. We asked for a sample of this user credential data, which he provided.

Here is one of the LimeVPN user accounts that the hacker provided for verification. Notice the username is the personal email address of the VPN user and the password is not hashed:

LimeVPN hacked data sold
This is one of the samples of user login credentials that the hacker provided us for verification.

Additionally, he told us that he could decrypt VPN user traffic because he has the public and private keys for every LimeVPN user. If true, this of course de-anonymizes the VPN user and puts them at risk of further exploitation and traffic monitoring.

UPDATE: LimeVPN has clarified that only about 25 WireGuard keys were exposed for internal WireGuard testing.

LimeVPN user data exposed

As a brief recap, the hacker claims to have the following information for every LimeVPN user account:

  • Username (personal email)
  • Password (in plaintext)
  • VPN subscription details

With usernames and passwords, one could attempt to launch credential stuffing attacks. With a credential stuffing attack, a threat actor can attempt to gain access to your other accounts by using the same email and password. And since many people recycle passwords (never do that!), this attack can yield results.

With a giant list of credentials, a hacker can use bots and automation to attempt to gain access to numerous different accounts.

UDPATE: According to LimeVPN, the passwords that were obtained by the breach were auto-generated VPN session passwords. Therefore these would not be useful in a credential stuffing attack.

RestorePrivacy Tip: One way to protect yourself when signing up for services is to use a temporary disposable email address (not your regular email address). That way, if the company’s database is ever breached, only the burner email you used will be exposed.

LimeVPN transaction records

When analyzing the available sample data provided by the threat actor, it does not appear to contain direct payment methods, such as credit cards or bank details, of LimeVPN users. This is because the VPN uses a third party payment processor called WHMCS. However, the hacker claims to have obtained the entire WHMCS database with the LimeVPN hack.

34,423 transaction records

Additionally, the hacker told RestorePrivacy that the database contains 34,423 transaction records from LimeVPN users. This included the user’s name and payment details. The screenshots below show recent transaction details, including up to today. These included the client’s name and payment method, but no credit card details.

LimeVPN data hacked transactions
This is a sample from 34,423 transaction details obtained by the hacker.

UPDATE: As confirmed by LimeVPN, the hacker had temporary API access and could see user purchases, but not billing information. This API access has now been suspended.

RestorePrivacy Tip: When purchasing subscriptions online, whether it is for a VPN or anything else, you can use an private or anonymous payment method. This is helpful because it does not link payment to your identity and can better secure your financial accounts if there is a data breach.

LimeVPN confirms their server was hacked

After verifying samples of the data from this hack, we attempted to alert LimeVPN to the problem and also get a comment on the situation for this article.

On June 30, 2021, LimeVPN replied back to our emails, confirming that their backup server was indeed hacked. Here is what they said:

We have verified that this is from our backup server and not from our main server. So the current customers are not impacted.

While we do see the hacker advertising the “backup system of VPN provider” for sale, we also see recent transactions from as recent as today (June 30, 2021). These lists include the full names of current subscribers.

LimeVPN has also added in an email to RestorePrivacy that, “We have reset all our access credentials and have started a system audit.“

Long-term implications of this hack

Trust is crucial for any VPN service. After all, you are trusting the VPN to secure all your internet traffic through their servers. If something goes wrong, that could give bad actors insight into everything you do online, and potentially worse, exploit the data they are able to collect.

When trust is breached with VPN services, many struggle to gain it back from their users. For example, we reported on the issue of IPVanish logging users for the FBI, all while claiming to be a “no logs” VPN service. Similarly, a few years ago, there was the case of PureVPN logging users while claiming to collect “zero logs”.

UPDATE: LimeVPN has confirmed they do not store any usage logs of their users. And I have not seen any records to indicate that usage logs (user activity, browsing, etc.) is being stored or available to the hacker.

And as we noted recently in our article on the LinkedIn data leak, hackers often put together various pieces of data to build data profiles of potential victims. The user accounts and data in this LimeVPN leak are just more pieces in the puzzle that can be used by bad actors. In many cases, threat actors will build up vast collections of data from various sources, such as we saw with COMB (Compilation of Many Breaches).

Updated Conclusion

While LimeVPN’s backup server was hacked, the damage appears to be less than has been claimed by the hacker (and reported elsewhere).

A few years back, NordVPN also had a security incident, but this incident was even more limited in scope and did not affect any NordVPN users. With the NordVPN case, an expired TLS certificate was obtained for a single server in Finland. But this was of little to no value, as the certificate was expired and could not be used to access any customer data or decrypt traffic.

The website Have I Been Pwned is also useful to see if any of your usernames or passwords have been compromised.

To brush up on all the tools you need for digital self-defense, then check out our privacy tools page.

About Sven Taylor

Sven Taylor is the lead editor and founder of Restore Privacy, a digital privacy advocacy group. With a passion for digital privacy and accessible information, he created RestorePrivacy to provide you with honest, useful, and up-to-date information about online privacy, security, and related topics.

Reader Interactions

Comments

  1. Waqas

    July 4, 2021

    “Numerous false reports are circulating online about the LimeVPN hack.”? How can you call those reports “false” when all of them are based on your report in which you claimed a leak of 69,400+ customers? They simply wrote what your “exclusive” report claimed so how are they publishing “false reports.”?

    If you still want to call it false then call it: Numerous false reports *based on our report* are circulating online about the LimeVPN hack.

    Reply
    • Sven Taylor

      July 4, 2021

      No, that is not correct. There is another “privacy website” that began circulating incorrect information earlier this week, such as the claims that LimeVPN’s website was hacked and taken offline, and that LimeVPN has 69,400+ users who have had private keys exposed. We never made these claims and have worked with LimeVPN to correct the info.
      https://twitter.com/LimeVPN/status/1411061172015611906

      Reply
  2. BoBeX

    July 3, 2021

    There is a journalistic quality about Restore Privacy that exudes integrity.

    Reply
  3. Matti

    July 2, 2021

    Credit where it’s due; Lime owned up to getting pwned way faster than Nord did.

    Reply
    • Sven Taylor

      July 2, 2021

      This is simply not correct. LimeVPN was hacked and the hacker obtained the VPN’s backup database and customer data. A few years ago with NordVPN, someone got an expired TLS cert from a single server in Finland, which had no real-world significance, did not expose any customer data, and could not be used to decrypt traffic. The whole “NordVPN hack” thing was sensationalized because nobody understood what actually happened and the insignificance of the entire situation.

      Reply
  4. BoBeX

    June 30, 2021

    I have recently binge listened to Darknet Diaries.
    There are so many cautionary tails presented of (black hat) hackers destroying there lives hacking.
    Many of these hackers are young people, then some are APTs.

    400 dollars! For the opportunity to harm 12000 people, harm a company and draw the attention of law enforcement and potentially be convicted as a criminal. What is this person thinking?

    Was the LinkedIn hacker asking for $5000 to harm 700 million people?

    Jail for each I am guessing.

    Organizations have a moral duty to their customers. (Not withstanding their legal duties)

    What steps have LimeVPN (Madrid Blues Limited) and LinkedIn (Microsoft) taken to inform their customers of the breaches (incidents), and what steps have these organizations taken to reduce the potential harm to their customers?

    Disclosure of breaches (incidents) is so important. I believe a good example of disclosure (for anyone interested) is the ANU Incident Report which can be found here:
    https://www.anu.edu.au/news/all-news/data-breach
    Nothing less is acceptable.

    Reply
  5. Teus

    June 30, 2021

    State controlled attack on VPN services has just begun.
    Won’t be long until VPN’s will be declared illegal by our wonderful western democracies.
    https://www.doublevpn.com/en/

    Reply
    • JB

      July 2, 2021

      Russia and China both have been banning VPNs for a few years, this has not just began.

      Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Sidebar

Digital Privacy Essentials:
Secure Browsers
Private Search Engines
Secure Email
Best Password Managers
Secure Messaging Services
Best Ad Blockers
Best VPN Services
Secure Cloud Storage

Privacy & Security Guides:
Privacy Tools
Alternatives to Google Products
Firefox Privacy Modifications
Five Eyes, 9 Eyes, 14 Eyes Spying
Browser Fingerprinting
Is Tor Safe?
Alternatives to Gmail
VPN vs Tor
Alternatives to WhatsApp
Is Your Antivirus Spying on You?
Controlling Communication Channels is Crucial for Privacy
Anonymity Networks: VPNs, Tor, and I2P
How to Really Be Anonymous Online
Private and Anonymous Payments

Secure Email Reviews:
ProtonMail Review
Tutanota Review
Mailfence Review
Mailbox.org Review
Hushmail Review
Posteo Review
Fastmail Review
Runbox Review
CTemplar Review
Temporary Email Services
Encrypted Email

Password Manager Reviews:
Bitwarden Review
LastPass Review
KeePass Review
NordPass Review
Dashlane Review
1Password Review
Best Password Managers

Secure Messaging App Reviews:
Wire Review
Signal Review
Threema Review
Telegram Review
Session Review
Wickr Review

Secure Cloud Storage Reviews
Tresorit Review
MEGA Cloud Review
Sync.com Review
Nextcloud Review
IDrive Review
pCloud Review
SpiderOak Review
NordLocker Review

How To Guides
How to Encrypt Files on Windows
How to Encrypt Email
How to Configure Windows 10 for Privacy
How to use Two-Factor Authentication (2FA)
How to Secure Your Android Device for Privacy
How to Secure Your Home Network
How to Protect Yourself Against Identity Theft
How to Unblock Websites
How to Fix WebRTC Leaks
How to Test Your VPN
How to Hide Your IP Address
How to Create Strong Passwords
How to Really Be Anonymous Online

About RestorePrivacy

Contact

Restore Privacy Checklist

  1. Secure browser: Modified Firefox or Brave
  2. VPN: NordVPN (68% Off Coupon) or Surfshark
  3. Ad blocker: uBlock Origin or AdGuard
  4. Secure email: Mailfence or Tutanota
  5. Secure Messenger: Signal or Threema
  6. Private search engine: MetaGer or Brave
  7. Password manager: NordPass or Bitwarden

About

Restore Privacy is a digital privacy advocacy group committed to helping people stay safe and secure online. You can support this project through donations, purchasing items through our links (we may earn a commission at no extra cost to you), and sharing this information with others. See our mission here.

We’re available for Press and media inquiries here.

Restore Privacy is also on Twitter

COPYRIGHT © 2023 RESTORE PRIVACY, LLC · PRIVACY POLICY · TERMS OF USE · CONTACT · SITEMAP