CyberGhost VPN’s Quarterly Transparency Report — January, February, and March 2024

It feels like the first three months of 2024 went by incredibly fast. Between releasing new app versions and improving our server performance, we’ve been working hard to deliver updates and new features to our Ghosties later this year.

And now we’re publishing our latest Transparency Report edition as part of our ongoing transparency efforts. This time, we’re having a look over the legal requests we received in January, February, and March 2024. 

Legal Requests — Our Q1 Numbers


Since the beginning of 2024, we received 369,580 legal requests. This marks a 9% increase in requests compared to our previous report

We’ll split these 369,580 requests into 3 categories:

    • Digital Millennium Copyright Act (DMCA) complaints are the requests we receive when copyright holders inform us that a CyberGhost IP address was used to illegally distribute copyrighted materials.
    • Malicious activity flags are the requests we receive when various institutions inform us that a CyberGhost IP address was used in a botnet attack, scam, or some other cyber attack.
    • Police requests are the requests we receive when law enforcement agencies inform us that a CyberGhost IP address was used in criminal activity. 
DMCA Complaints34,17935,91946,873
Malicious Activity Flags34,368139,25278,985
Police Requests400

This quarter, malicious activity flags make up over half of all the requests we received, with DMCA complaints capping at just a little under a third of overall requests.  

Transparency Report numbers for Q1 2024

Despite these numbers, we’re unable to comply with any request. Our service operates on RAM-only servers, which regularly wipe out all data. This helps uphold our strict no-logs policy in place. We never monitor or store your online activity, which makes us unable to provide any user data.

CyberGhost VPN is based in Romania, a very privacy-friendly jurisdiction. We are under no legal obligation to keep user data. 

But without further ado, let’s have a more in-depth look at the numbers.

DMCA Complaints


DMCA complaints make up about a third of all requests we received this quarter. More specifically, the number sits at 31.6%, which is a slight decrease from the previous report’s 38.8%.


Since October, we noticed a steady decline in DMCA complaints and recorded the lowest number of requests in January. While winter holidays likely played a role, the lack of highly-anticipated shows and movies being released during this period might have had a bigger impact on the number of DMCA complaints we received. 

Transparency Report numbers for DMCA Complaints Q4 2023 vs. Q1 2024

Malicious Activity Flags


Similar to the previous quarter, malicious activity flags make up the majority of our requests. This time around, the number sits at 68.3%, which is quite the increase compared to Q4’s 49.9%.


February stands out as the month with the highest number of malicious activity flags in the past 6 months. This is surprising considering that January took the crown as the month with the most recorded cyber attacks and cybersecurity incidents. 

With over 26 billion records exposed in January, it’s interesting to note that we count our lowest number of requests in that same period. February counted just 712 disclosed incidents, yet we received an overwhelming number of malicious activity flags. 

Transparency Report numbers for Malicious Activity Flags Q4 2023 vs. Q1 2024

Police Requests


Like with most of our reports, police requests sit at the lower end of our overall requests. This time, they make up only 0.1% of all requests.


In Q4 2023, we counted 3 police requests, similar to this quarter. In January we received the most police requests in the past 6 months. Given January’s record-breaking data leaks, it doesn’t seem surprising that law enforcement authorities reached out to our data centers as well. 

Transparency Report numbers for Police Requests Q4 2023 vs. Q1 2024

Bug Bounty Program Q1 Numbers

Our Bug Bounty Program allows us to collaborate with cybersecurity researchers worldwide. They can  legally report vulnerabilities to us.

In Q1 2024 we received 81 submissions, with 43 of these issues being unique. In total, 9 of the unique received submissions were valid. The other 34 reported issues were false positives, informational, or invalid.

2024 Is Not Looking Good for Cybersecurity

The year has barely begun, and we’re already looking at several worrying incidents. January debuted with 4,645 publicly disclosed cybersecurity incidents, exposing a total of 26 billion data records from 3,876 domain names. Affected organizations include tech giants like:

    • Tencent
    • Weibo
    • X (formerly known as Twitter)
    • LinkedIn
    • Adobe
    • Canva
    • VK
    • Daily Motion
    • Telegram

Various US, Brazil, Germany, Turkey, and the Philippines public institutions were also impacted. Cybersecurity researchers and investigators dubbed the sheer amount of exposed records as the “Mother of all Breaches” (MOAB) when they discovered the open instance. While some of the exposed data was likely compiled from previous breaches, the scale of sensitive private information leaked is incredibly concerning. 

Given the magnitude of these data breaches, there is a sliver of hope for the rest of Q1. Reported incidents dropped to 712 in February and 562 in March. We interpret this as a positive sign more companies and organizations are beginning to prioritize cybersecurity and staff training, rather than incidents slipping under the radar. Only time will tell.

We at CyberGhost VPN will remain vigilant, and keep an eye out for any emerging cybercrime trends and digital threats. It’s one way we stay ahead of the game, and improve our VPN service, so that we can always adequately protect our Ghosties. 

We’re looking to expand our VPN service to secure your digital identity, no matter your online activity. This is why we’re working to release an Apple TV app this year. And because we value customizability, we want to give you more options to adapt your CyberGhost VPN experience to your needs. As such, we’re turning our attention to our split-tunneling solution and fine-tuning it in the upcoming months.

Stay tuned for updates! In the meantime, we’ll also keep an eye out on developments in the cybersecurity industry and monitor the landscape for new digital threats. We’ll make sure to include our findings in the next Transparency Report edition.

Leave a comment

Write a comment

Your email address will not be published. Required fields are marked*