We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

7 Million Users Impacted in Freecycle Data Breach

7 Million Users Impacted in Freecycle Data Breach
Author Image Keira Waddell
Keira Waddell Published on 8th September 2023 Senior Writer

Freecycle.org, a nonprofit platform dedicated to promoting the recycling of reusable items, faced a significant data breach impacting approximately 7 million users. According to Freecycle, the breach, uncovered on August 30, 2023, exposed usernames, user IDs, email addresses, and hashed passwords. Despite being hashed, users are urged to reset passwords promptly to remain secure.

Freecyle’s founder and executive director, Deron Beal, also had his credentials disclosed. Screenshots from the threat actor who stole the data included these credentials, sparking concerns that the threat actor might have admin privileges allowing for complete access to member data and forum posts.

However, Freecycle.org responded swiftly by notifying UK and US authorities, demonstrating a commitment to transparency and user safety. Thankfully, the breach was limited to the mentioned data; no other personal information was compromised.

Users have been given clear instructions on how to reset their passwords effectively. They can do so on their profile settings page or use the password reset link that can be sent via email.

Moreover, users who reuse the same passwords on multiple platforms are being strongly advised to change those passwords on other websites as well. Password reuse is a common practice that can expose users to more extensive security risks. Freecycle’s guidance serves as a reminder of the importance of unique passwords for each online service.

Freecycle has also issued a cautionary note to its users. Due to the exposure of email addresses, users might notice an uptick in spam emails. This warning highlights the need for ongoing vigilance against phishing attacks and unsolicited email communications. Users are reminded not to click on links in emails and to avoid downloading attachments unless you are expecting them.

As cybersecurity incidents become increasingly prevalent, individuals must adopt good security practices, such as unique passwords and awareness of phishing threats, to protect their online presence.

About the Author

Keira is an experienced cybersecurity and tech writer dedicated to providing comprehensive insights on VPNs, online privacy, and internet censorship.