Recently, we experienced a security incident related to the VPNCity Chrome extension, and we want to be transparent about what happened, the steps we’ve taken to address the issue and how we are safeguarding your trust moving forward.
What Happened?
As part of a large-scale attack that affected 41 companies and approximately 3.7 million installed plugins, one of our team members fell victim to the Cyberhaven Chrome extension security incident (Cyberhaven were only one of the many affected companies).
This allowed the attackers to publish a malicious version of the VPNCity Chrome extension. Unfortunately, this malicious extension was downloaded by some of our customers before we identified and resolved the issue.
Our Chrome Web Store developer account was disabled on the 31st of December, and the VPNCity plugin was disabled on any browsers with the malicious plugin installed. It had, however, been live for approximately 18 days at this point.
After an initial rejection of our request to reinstate our Chrome Web Store developer account, we worked with Google to reinstate the account in order to publish a new, clean version.
Our Response
Security is our top priority, and we’ve taken several steps to ensure an incident like this doesn’t happen again. These include:
- Revamped Internal Security Training: All team members have undergone enhanced security awareness training, with a focus on phishing prevention, account security, and safe online practices.
- Strengthened Access Controls: We’ve implemented additional layers of security for all accounts involved in developing and publishing our browser extensions.
- Updated Extension: We have developed and published a new, thoroughly vetted version of the VPNCity Chrome extension. This version has been rigorously tested to ensure it is free from any malicious code and meets the highest standards of security and reliability.
What This Means for You
If you downloaded the previous version of the VPNCity Chrome extension, you are most likely reading this blog post because you have the new, updated version, which is secure.
In terms of other actions to take, our recommendations are as follows:
- Change your Facebook password and delete any existing cookies or sign out on all devices.
- Change your ChatGPT password and delete any existing cookies or sign out on all devices.
- Continue monitoring those accounts and any others in the near future for unusual behaviour.
- In general, it’s a good idea to enable two-factor authentication (2FA) on your accounts.
Moving Forward
We deeply regret the impact this incident may have had on our customers and take full responsibility for ensuring your security. The trust you place in us is invaluable, and we are determined to rebuild and strengthen that trust through our actions.
We are confident that the measures we’ve implemented will ensure incidents like this don’t happen in the future. Thank you for your patience, understanding, and continued support.
Stay Secure
We will keep you informed of any updates and additional resources related to this incident.
Thank you for being a valued VPNCity customer.
Sincerely,
The VPNCity Team