Security researchers at vpnMentor have discovered that seven VPN services based in Hong Kong that promised to protect user privacy and not to record logs were, in fact, keeping logs and leaking user information. A single open database server contained information on over 20 million users of those services, including names, passwords, email addresses, and home addresses. The seven services are UFO VPN, FAST VPN, Free VPN, Super VPN, Flash VPN, Secure VPN, and Rabbit VPN.
VPN services often sell themselves as a silver bullet for privacy, but in reality, all you’re doing is sending your Internet traffic through the VPN service instead of through your ISP. That may be best if your ISP is slimy or if you’re in a compromised situation, like using an unsecured Wi-Fi network or working in an unfriendly country. But in the end, when connecting to the public Internet, you have to trust somebody.