CyberGhost VPN’s Quarterly Transparency Report – October, November, December 2022

2022 is over, and now we can reminisce about all the challenges we faced in the tech industry this past year. While the world battled supply chain issues post Covid-19 lockdowns, the tech industry is still feeling the after effects of chip shortages. 

New components are more expensive and harder to come across, which makes it challenging to upgrade and meet new cybersecurity standards. This is especially problematic considering remote work is here to stay. People and businesses are vulnerable in the face of online threats without proper digital hygiene and security. 

In 2022, we counted more than 4,100 publicly disclosed data breaches. This equates to roughly  22 billion records exposed. Your data is valuable and in high-demand.  And it shows when we look at the increase in requests for user data we received these past few months. Let’s have a look at how many DMCA complaints, malicious activity flags, and police requests we received in October, November, and December 2022.

Legal Requests – Q4 Edition

255,201

In the last quarter of 2022, we received a total of 255,201 requests. This means a 47% increase compared to our last report and a 128% increase year-over-year compared to Q4 in 2021.

We’ll break down this number by splitting the requests into 3 categories. These are:

          • Digital Millennium Copyright Act (DMCA) complaints 
          • Malicious activity flags
          • Police requests

A vast majority of these requests ask for user data, including users’ original IP addresses, and browsing histories. We never store or collect user data, so we never have any data to share. We have a strict No Logs policy in place, which means we never see what you do online. It’s none of our business.

In the line of requests, the numbers seem fairly consistent. A monthly breakdown looks something like this:

OctoberNovemberDecember
DMCA Complaints43,10944,69537,928
Malicious Activity Flags36,40246,60346,447
Police Requests656

This quarter, we see DMCA complaints and malicious activity flags averaging around half of overall requests, while police requests make up a small percentage. 

CyberGhost VPN's Quarterly Transparency Report numbers for Q4 2022
The numbers at a glance

Let’s dive into numbers, and see how they compare to our previous report.

DMCA Complaints

125,732

DMCA stands for Digital Millennium Copyright Act. You might best know it as the copyright law. It protects intellectual property, and it’s one of the most common types of request we receive. 

Copyright holders and entertainment companies let us know when one of our IP addresses was used to distribute copyrighted material. Normally they also provide the torrent port used and a time stamp.

OctoberNovemberDecember
43,10944,69537,928

This report breaks the long streak of DMCA complaints encompassing the majority of our requests. This time, they only make up 49.2% of all requests. This might not seem like much of a decrease compared to Q3’s 55.3% but it’s the first report on the Privacy Hub where DMCA complaints make up less than half of all requests.

Compared to our previous report, DMCA complaints rose by 31%. We noticed requests started to increase in August, and slightly decline in December.

CyberGhost VPN's Quarterly Transparency Report numbers for DMCA Complaints Q4 2022
We notice a big increase in August

Malicious Activity Flags

129,452

Malicious activity flags signal that one of our IP addresses was used in a cyber attack. Authorities and domain owners notify us when they’ve registered a DDoS attack, botnet attacks, automated spam, suspicious login attempts, or similar attacks with a CyberGhost IP address.

OctoberNovemberDecember
36,40246,60346,447

This time, malicious activity flags make up the majority of requests we received, sitting at 50.7%. It might not seem like a big increase from the previous edition’s 44.6%, but the number went up from 77,286. This marks a 67% increase in malicious activity flags.

From August onwards, malicious activity flags picked up. Around September and October we notice a slight decrease, but otherwise our July numbers appear to be the outlier.

CyberGhost VPN's Quarterly Transparency Report numbers for Malicious Activity Flags Q4 2022
Malicious activity flags increased these past three months

Police Requests

17

Police requests are requests we receive from various law enforcement agencies. If a criminal investigation leads to one of our IP addresses, authorities notify our data center. The data center then forwards that notification to us.

In cases like these, authorities ask for details that could aid their investigation like IP addresses, or browsing history. Due to our strict No Logs policy, we don’t have any data to share.

OctoberNovemberDecember
656

As usual, police requests make up the smallest pertance of overall requests. Over the past 3 months, police requests make up 0.1% of all requests. That said, the number of police requests almost doubled from 9 in Q3 to 17 requests this quarter, almost an 89% jump.

With the exception of August and September, the number of requests remains consistent. This could be attributed to the fact that August 2022 was a busy period for vacations, as a lot of countries have relaxed travel restrictions after the Covid-19 pandemic.

CyberGhost VPN's Quarterly Transparency Report numbers for Police Requests Q4 2022
August seems the outlier here

We’re Strengthening Our Service

We value our Ghosties’ feedback. It’s at the core of our mission to improve and innovate. We’re keeping busy behind the scenes, and always looking for ways to improve our VPN service and security products. These past 3 months, we focused on some notable improvements.

We Introduced Our Bug Bounty Program

Data security is paramount to our service, and we cut no corners when it comes to building up our products. We couldn’t have developed CyberGhost VPN into the robust security tool it is today without the feedback and suggestions from our community. 

Now, we rolled out our bug bounty program and made it easier to centralize your ideas and findings. Bug bounty programs let you legally report vulnerabilities, and even receive a reward for your work.

Between October 1, 2022 and January 1, 2023, we received 177 submissions. Of these, 21 submissions were valid, while the others were either duplicates or still being looked into. 

We’d like to thank all researchers who submitted their findings. If you’re knowledgeable about cryptographic failures or server-side request forgery, you can take our apps for a spin and submit potential bugs.

We Extended Support for Australian Streaming Services

Besides improving our security, we’re expanding our entertainment options as well. This time, we have good news for our Ghosties over in Australia

We added streaming-optimized servers for 10Play and 9Now. Stream the best Australian TV has to offer securely with CyberGhost VPN!

We Discontinued Our Password Manager

In April 2021, we launched our cloud-based Password Manager as an add-on to our subscriptions. We wanted to help our Ghosties secure their credentials and protect themselves in the face of ever-growing digital threats. 

We built our product on a solid technical foundation but unfortunately it didn’t gain the traction we expected. We made the difficult decision to discontinue the CyberGhost Password Manager, and focus our efforts on our other security products.

New Year, Same Commitment to Online Privacy

Digital threats are evolving, and we’re focused on building the right security tools to give your privacy a future. Cybersecurity experts fear the worst for 2023, as data harvesting is becoming more ingrained in our daily lives with 5G integration and IoT technology evolving faster than we expected.  

At CyberGhost VPN, we’re working to tackle new challenges in the digital space, and help you reclaim your online privacy and keep data-mining to a minimum. We have a lot planned for the future which includes strengthening our VPN service, offering more options and customizations, and expanding our server network to suit your every need.

As always, we’re committed to transparency, and we’ll continue publishing our quarterly editions right here, on the Privacy Hub. Missed our previous reports this year? Check them out here:

Or you can check out our yearly Transparency Report. Until next time, stay safe and  secure!

Leave a comment

Write a comment

Your email address will not be published. Required fields are marked*