CyberGhost VPN’s Quarterly Transparency Report — October, November, and December 2023

As we wrap up 2023, we can take a step back and think about all the challenges we faced this year. AI-driven cyberattacks are on the rise, DDoS attacks have been at the forefront of many security incidents, and misinformation campaigns are running rampant. 

Our mission is to empower you with the tools and knowledge you need to protect your digital identity. Our commitment to data privacy remains unshaken, and as usual, we’ll be transparent with the steps we take to safeguard your online privacy.

This time, we’ll focus on the data for October, November, and December 2023. Let’s break down the numbers and delve deeper into the data. 

Legal Requests — Our Q4 Numbers


In Q4, we received a total of 339,029 legal requests. Compared to our Q3 report, we can notice a staggering 52% increase in requests. To put these numbers into perspective, we’ll be breaking them down into 3 categories:

    • Digital Millennium Copyright Act (DMCA) complaints are requests we receive when various copyright holders signal that one of our IP addresses was used to illegally distribute copyrighted materials.
    • Malicious activity flags are requests we receive when institutions signal that one of our IP addresses was used in a cyber attack.
    • Police requests are requests we receive when law enforcement authorities signal that a criminal investigation led them to one of our IP addresses. 
DMCA Complaints72,05454,60342,459
Malicious Activity Flags72,51954,80042,591
Police Requests201

For this report, we’re looking at eerily similar numbers for DMCA complaints and malicious activity flags, sitting at 169,116 and 169,110 requests respectively. 

CyberGhost VPN's Quarterly Transparency Report numbers for Q4 2023

We also notice a considerable peak in October followed by a steady decrease in numbers throughout the rest of the quarter. 

October marked the premiere of highly anticipated streaming titles, like Loki: Season 2 on Disney+, Five Nights at Freddy’s on Peacock, or The Fall of the House of Usher on Netflix. With so many new releases across different streaming platforms, some may resort to other means of watching all the latest shows. This could explain the rise in DMCA complaints compared to December, when most people are focused on holiday vacation and family time.

This quarter, we received the highest number of malicious activity flags during the month of October. We took steps to help strengthen our security measures and prevent further misuse. By November, we already noticed the number of malicious activity flags drop, and by December 2023 we hit Q3 levels.

We Are Unable to Comply

While these requests usually ask us to provide personally identifiable information, we cannot comply. We operate under a strict No Logs policy, reviewed in an independent audit. We don’t monitor or collect data, and our servers are designed to wipe out everything with every reboot. We simply don’t have any information to share.

DMCA Complaints


DMCA complaints make up 49.9% of all the requests we received these past three months. This is a considerable increase compared to Q3’s 38.8%.


October takes the lead as the month with the most DMCA complaints received in the second half of 2023 followed by the month of August. That’s when popular streaming service Netflix began cracking down on password sharing, leading many to reconsider their streaming subscriptions.

CyberGhost VPN's Quarterly Transparency Report numbers for DMCA Complaints Q4 2023

Malicious Activity Flags


This edition, malicious activity flags sit at 49.9% of overall requests. Compared to Q3’s 61.2%, it’s quite the decrease in requests.


August has clearly been the odd one out throughout the last half of the year, with October ranking in second. Otherwise, the numbers seem fairly consistent throughout the past six months. 

CyberGhost VPN's Quarterly Transparency Report numbers for Malicious Activity Flags Q4 2023

Police Requests


October breaks our streak. Between January and September 2023, we counted exactly zero police requests. December is the month with the most reported cybersecurity incidents. This might account for the fact that we’re starting to see law enforcement agencies requesting personally identifiable information again.


Only time will tell if Q4 was simply an outlier, or if we’ll start noticing more and more police requests coming our way.

CyberGhost VPN's Quarterly Transparency Report numbers for Police Requests Q4 2023

Bug Bounty Program Q4 Numbers

A year ago, we introduced our Bug Bounty Program. This allowed us to collaborate with cybersecurity researchers all over the world, and have them legally report vulnerabilities to us. 

These past three months, we received 81 submissions with 39 of these issues being unique. In total, 6 of these unique submissions were valid, while the other 33 reported issues were either false positives, informational, or invalid.

We Were Busy This Quarter

While we were getting ready to greet 2024, we worked hard to ensure we ended the year on a high note. 

We Expanded Our VPN Network to 100 Countries

You asked, we listened. Due to popular demand, we have increased our server presence from 91 countries to 100 countries. We now offer secure and private connections in: 

    • Bolivia
    • Dominican Republic
    • Ecuador
    • Guatemala
    • Laos
    • Myanmar
    • Nepal
    • Peru
    • Uruguay

You can secure your connection, and access content from these countries while traveling abroad.

We Added More Dedicated IP Locations

In addition to offering new VPN servers worldwide, we also increased the number of dedicated IP locations. You can now get a fully anonymous token-based dedicated IP from:

    • Brussels, Belgium
    • Stockholm, Sweden
    • Madrid, Spain

This brings the total to 21 locations you can choose from and add an unique IP address to your subscription. 

Our Android App Received MASA Certification

In December, our Android app version v8.16.0.2831 was checked by the App Defence Alliance, and successfully passed all Mobile Application Security Assessment (MASA) verifications. This is why the CyberGhost Android app now has a badge in the Google Play Store under Data Safety. It is to confirm that our app was verified via an independent security review. This initiative was rolled out by Google to help Android users determine which apps are best to use from a data protection perspective. 

Our Windows App Is Now Available in the Microsoft Store

Shortly before the winter holidays, we made one last update. We released our Windows app on the Microsoft Store. You can now download our installer directly from the Store, in addition to it being available directly from your online account

We Discussed Server Quality with London Daily News

Our Product Manager, Alex Danaila, talked about our strategic shift towards focusing on network quality instead of network quantity. By upgrading our servers to 10-Gbps, we’re focusing on better quality instead of sheer quantity. As part of a larger move within the VPN industry, we’re committed to a quality-driven approach that helps us achieve significantly improved data transfer speeds, enhanced security, scalability, and reliability.

There’s still a lot more we want to focus on in 2024. We’re committed to making the internet a safer and more open space.

Digital Privacy Is Still the Focus for 2024

These past three months, countless cyber attacks took place. This led to financial losses, downtimes, but most importantly, leaked information. In the age of data-mining and trackers, online security is paramount in order to protect your digital identity. 

That said, cybercrooks seem like they’re always one step ahead. Let’s look at some of the most devastating breaches these past three months.

Indian Council of Medical Research — 815 Million Exposed Records

In October 2023, there were approximately 100 reported cybersecurity incidents. It doesn’t seem like much, but their impact can’t be overstated. Among them, the Indian Council of Medical Research stands out as the most devastating. Over 815 million Indian residents had their private information compromised, including name, age, gender, passport details, and Aadhaar government identification numbers. 

Parental Control App, Kid Security — 300 Million Exposed Records

Out of approximately 450 publicly disclosed security incidents reported in November, popular parental control app Kid Security stood out as the worst case. More than 300 million records were exposed, including phone numbers, payment data, and email addresses. The leak is believed to have been caused by a misconfigured database. 

Real Estate Wealth Network — 1.5 Billion Exposed Records

Over 1,000 incidents were reported in December, but this one takes the crown. An unsecure database belonging to New York-based Real Estate Wealth Network exposed 1.5 billion records pertaining to property ownership data. This includes property owners, potential buyers and sellers, tax ID numbers, purchase price and purchase date, and much more.  

You can never be too careful with your online data. Unfortunately, legislation worldwide still falls short when it comes to data protection. This makes a lot of companies and services either ignore or not allocate enough resources to properly secure your private information. It’s why you need to be proactive.

You need to take matters into your own hands. Choose privacy-friendly alternatives to the services you use, always read privacy policies, and do what you can to mitigate data-mining. Use CyberGhost VPN to redirect your traffic through an encrypted tunnel, always secure your traffic on public Wi-Fi networks, and learn how to stay safe online

Leave a comment

Write a comment

Your email address will not be published. Required fields are marked*