ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

SuperVPN & GeckoVPN Data Breach

Major exposure
Verified breach
Accounts exposed 20,339,937
Breach date 25 Feb 2021
Added to tracker 28 Feb 2021
Data classes 6

What happened

In February 2021, a series of "free" VPN services were breached including SuperVPN and GeckoVPN, exposing over 20M records. The data appeared together in a single file with a small number of records also included from FlashVPN, suggesting that all three brands may share the same platform. Impacted data also included email addresses, the country logged in from and the date and time each login occurred alongside device information including the make and model, IMSI number and serial number.

Exposed data

Device information Device serial numbers Email addresses Geographic locations IMSI numbers Login histories

Recommended actions

  • Watch for targeted phishing emails referencing SuperVPN & GeckoVPN โ€” attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP