I knew this was going to happen months ago, I was prying into their security and asking questions. I knew it was only a matter of time. They really are not a great service.
Hi Taliscicero, We have been updating our customers on our blog: http://www.purevpn.com/blog/fake-email-to-clients-update-1/ This limited breach which effected subset of our users was due to WHMcs zero day exploit. Also as we vouch for privacy, security and anonymity on the internet, we have taken all possible measures to make sure this does not happen again. If you have any questions - please write us at enquiry (a t) purevpn (d o t) com. We will make sure your email is replied as soon as possible. Thank you.
Good PR department to find this thread so fast, also why are you listed as posting from Pakistan? I did actually bring up a security flaw you guys had a while back and it was ignored. I spoke to someone in chat and also sent you an email. I don't really care and hopefully you fixed it by now but yeah... the security patch was out days before this attack happened, why did you not patch the flaw before the attack? You know the name and emails of all your users on the subset are now out in the open, meaning you did the opposite of what they pay you for, privacy. I also don't buy that it was a limited subset, I think your whole server was taken over and they got every email and name of all your current and possibly past clients. You claim you were being transparent and open with your users, I don't think so. I think the fact that the hackers sent out emails to all your clients directly referencing PureVPN meant your hand was forced and you "had" to be transparent, I doubt you would have been otherwise.
