Key Points:
- CyberGhost VPN received 534,449 legal requests in Q2 2024, a 44% increase from Q1.
- Malicious activity flags made up 61.7% of all requests, followed by DMCA complaints at 38.2%.
- The company received only 2 police requests in Q2.
- CyberGhost VPN underwent another security audit by Deloitte Audit Romania.
- The company reported on several major cyber attacks that occurred during Q2 2024.
CyberGhost VPN, a leading virtual private network provider, has released its Transparency Report for the second quarter of 2024, covering April, May, and June. The report shows a significant increase in legal requests and highlights the company’s ongoing commitment to user privacy and security.
In Q2 2024, CyberGhost VPN received a total of 534,449 legal requests, marking a 44% increase compared to the first quarter of the year. These requests fall into three main categories: Digital Millennium Copyright Act (DMCA) complaints, malicious activity flags, and police requests.
Malicious activity flags continued to make up the majority of requests at 61.7%, slightly down from 68.3% in Q1. These flags, totaling 330,188, are issued when institutions inform CyberGhost that one of their IP addresses was used in a cyber attack.
April saw a particularly high number of such flags, with 171,820 reports. The company’s infrastructure team has since taken steps to mitigate abuse on their servers and prevent access to malicious domains, which appears to have halved the reports in May and June.
DMCA complaints accounted for 38.2% of all requests, a slight increase from 31.6% in Q1. The company received 204,259 such complaints, with a sharp uptake in May and June. This increase might be related to the release of highly anticipated titles and more people turning to streaming services for entertainment during the summer months.
Police requests remained low, with only 2 received during the entire quarter, making up just 0.1% of all requests. This is a decrease from the 4 requests received in Q1.
CyberGhost VPN maintains that it cannot comply with these requests due to its strict no-logs policy and the use of RAM-only servers that regularly wipe data. The company states that it doesn’t know anything about user online activities while connected to its servers and is under no legal obligation to store user data.
In addition to the legal request data, CyberGhost VPN reported on several other developments. The company underwent another security audit conducted by Deloitte Audit Romania, one of the Big Four firms. The full report is available to CyberGhost VPN account holders.
The company also made improvements to its service, including a revamp of the split-tunneling feature on Android for a more user-friendly design. Support for Brazilian Portuguese was added to the Android app, with plans to extend this to other operating systems in Q3.
CyberGhost VPN’s Bug Bounty Program received 194 submissions in Q2, with 120 unique issues reported. Of these, 14 submissions were found to be valid.
The report also highlighted several major cyber attacks that occurred during Q2 2024. These included a ransomware attack on the Government of Palau, a massive data breach at Ticketmaster affecting an estimated 560 million users, and a ransomware attack on South Africa’s National Health Laboratory Service during a monkeypox outbreak.
In light of these incidents, CyberGhost VPN emphasized the importance of individual action in protecting online data. The company advised users to opt for privacy-friendly services, read privacy policies, and use tools like VPNs to encrypt their traffic, especially on public Wi-Fi networks.