We’re halfway through 2024, which means it’s time for another Transparency Report. We’re excited to share all of Q2’s updates and events. We spent the past three months bettering our service and updating our apps. We’re committed to creating the right products to help you safeguard your data online.
Besides updates, we’ll also present the legal requests we received these past three months. Let’s start!
Legal Requests — Our Q2 Numbers
In the past three months, we received 534,449 legal requests. This marks a staggering 44% increase compared to our Q1 report.
These requests can be broken down into three categories.
- Digital Millennium Copyright Act (DMCA) complaints are requests we receive when copyright holders inform us that one of our IP addresses was used to illegally distribute copyrighted materials.
- Malicious activity flags are requests we receive when institutions inform us that one of our IP addresses was used in a cyber attack.
- Police requests are requests we receive when law enforcement agencies inform us that one of our IP addresses was used in unlawful activity.
| April | May | June | |
| DMCA Complaints | 45,961 | 77,857 | 80,441 |
| Malicious Activity Flags | 171,820 | 78,040 | 80,328 |
| Police Requests | 0 | 1 | 1 |
Just like the previous quarter, malicious activity flags make up over half of all requests we received.
As usual, we’re unable to comply with these requests. We abide by a strict no-logs policy, and our RAM-only servers are meant to regularly wipe data. We don’t know anything about what you do online while connected to our servers, and we are under no legal obligation to store user data. Because of this, we don’t have anything to share with the authorities.
With that said, let’s have a look at the numbers.
DMCA Complaints
DMCA complaints sit at 38.2% of all requests. Compared to Q1’s 31.6% we’re looking at a slight increase.
| April | May | June |
|---|---|---|
| 45,961 | 77,857 | 80,441 |
DMCA complaints have been at a relatively steadfast pace until May. We can notice a sharp uptake in May. This trend carried over into June, and we’re looking forward to seeing if July will bring any changes.
With highly anticipated titles like My Lady Jane, Pixar’s Inside Out 2, and Dark Matter, we’re likely seeing more and more people taking refuge from the summer heat and turning to streaming services for entertainment.
Malicious Activity Flags
Similar to our Q1 report, malicious activity flags make up the majority of requests at 61.7%, which is only a small decrease from Q1’s 68.3%.
| April | May | June |
|---|---|---|
| 171,820 | 78,040 | 80,328 |
In our last edition, we noted how February was the frontrunner for malicious activity flags. This time, April takes the crown by a large margin. April has not been a good month for cybersecurity, with almost 300 reported cybersecurity incidents and over 4 billion records exposed.
Our infrastructure team has taken steps to mitigate abuse on our servers and prevent access to malicious domains. This seems to have halved the reports in the following months of Q2.
Police Requests
Police requests make up 0.1% of all requests, just like last quarter’s report. Compared to 4 reports in Q1, it seems like police requests have halved this time around.
| April | May | June |
|---|---|---|
| 0 | 1 | 1 |
Since the beginning of 2024, police requests have remained constant.
Bug Bounty Program — Q2 Numbers
Since the launch of our Bug Bounty Program, we had the honor of connecting with many cybersecurity professionals around the world. This quarter, we received 194 submissions, with 120 unique issues. In total, 14 of these submissions were valid, with the other 106 reported issues labeled as false positives, informational, or invalid.
A Snapshot from Behind the Scenes
We’ve been hard at work these past three months.
CyberGhost VPN Underwent Another Security Audit
We invited Deloitte Audit Romania, one of the Big Four firms, to conduct another audit on our server network and its management systems. You can read the full report from your CyberGhost VPN account. We’re happy to share the results with you, and we’ll explore opportunities for other audits in the future.
We Revamped the Split-tunneling Feature on Android
We implemented a more user-friendly design for our split-tunneling feature on Android. We upgraded the user interface (UI) from the previous simple tick box. It now features two sections: one for apps that bypass the VPN tunnel and another displaying all your apps, making it easier to customize your connection to suit your needs.
We’re Now Supporting Brazilian Portuguese
We added support for Brazilian Portuguese in the Android app. All our Ghosties in Brazil can now navigate the app without language barriers. We’re working on extending support for other operating systems in Q3, so stay tuned!
Looking Ahead
The digital world is far from being a safe place. Countless cyber attacks took place this quarter.
The Government of Palau Caught in a Ransom Attack
The DragonForce ransomware gang announced they added Palau to their leak site, and threatened to release sensitive data stolen from the island nation’s government. According to officials, the communication links provided in the ransom notes were not functional, sparking speculation that geopolitical motives might be behind the attack.
Ticketmaster Suffers Massive Data Breach
Ticketmaster, a prominent ticket sales and distribution company, confirmed a security breach of unprecedented scale. It’s estimated that 560 million users were affected, and perpetrators are reportedly selling a staggering 1.3TB of stolen data. This mostly includes personally identifiable information like names, addresses, emails, and phone numbers.
South Africa’s NHLS Hit by Ransomware Amid Monkeypox Outbreak
The National Health Laboratory Service (NHLS) in South Africa confirmed a ransomware attack that severely disrupted the dissemination of lab results during a monkeypox outbreak. Hackers deleted parts of the system, including backup servers, necessitating a rebuild. The NHLS, which operates 265 laboratories nationwide, stated that no patient information databases were compromised.
Protecting your online data is crucial, and you need to take matters into your own hands. Many companies neglect proper security measures, making it essential for you to be proactive. Opt for privacy-friendly services, read privacy policies, and use tools like CyberGhost VPN to encrypt your traffic, especially on public Wi-Fi.
Leave a comment