The IT Nerd

VPN Mentor has just published a report with the results of a research they have recently conducted related to the cost of cybercrime during the last year. While conducting the research they identified some key elements such as:

• Only about 1 in 10 ransomware victims officially report their attacks or losses to authorities.
• In 2024, the total number of cybercrime complaints reported to the FBI’s IC3 reached 859,532.
• Phishing was the most-reported cybercrime in 2024 with 193,407 complaints.
• In 2024, financial losses due to cybercrime reached a new record of an astounding $16.6 billion.
• In 2024, investment scams led to financial losses nearing $6.6 billion.

You can check the full report here: https://www.vpnmentor.com/blog/cybersecurity/the-cost-of-cybercrime-whos-paying-how-much-and-whats-changing

VPN Mentor has a recent report on the privacy risks posed by wearable devices.

Here’s a quick overview of what they uncovered:

• 90% of 117 wearable devices track health & wellness metrics, making it the most widely monitored category.
• 63% record location data, either via built-in GPS or connected GPS through a smartphone.
• 23% of major wearable brands explicitly share or sell personal data to advertisers or marketing partners.
• 55% share de-identified biometric data with outside researchers.

You can read the full report here: https://www.vpnmentor.com/blog/wearable-tech-privacy-risks-research/

VPN Mentor has just updated their recently published research on how fast the data broker market is growing and the risks related to people’s privacy and security.

While working on this research, they identified some very interesting and concerning key points such as: 

• Data brokers have collected personally identifiable information (PII) from at least 70% of the world’s online population. 
• Over 5,000 TB of people’s behavioral data, ranging from websites and apps up to public records and social media, is processed daily.
• AI can make profiling completely inescapable by including Machine Learning algorithms as non-optional scripts in apps, websites, or other platforms.
• Small or lesser-known data brokers are reportedly finding it easy to sidestep policies and evade detection since most advocates and regulatory bodies focus on the practices of larger firms. 

You’ll find all the details to their findings here: https://www.vpnmentor.com/blog/user-profiling-and-data-brokers-research/

VPN Mentor has published a report about an increase of VPN demand in UK following the implementation of the Online Safety Act which requires age verification in order to access adult content and possibly harmful content.

Their research team conducted an analysis of user demand data in the UK and they observed a significant surge of 6430% in VPN demand after the enactment of the age-verification laws with spikes of 900% up to 4000% the following days.

They delve into that and the possible privacy risks this act presents to the people.

You’ll find all the details to their findings here: https://www.vpnmentor.com/news/uk-vpn-surge/

VPNmentor just published cybersecurity researcher Jeremiah Fowler’s latest findings, revealing a non-password-protected database containing 3,587,960 records totaling 292 GB, tied to SABO, a well known global fashion brand based in Australia.

The exposed data includes invoices, packing slips, and other documents containing personally identifiable information (PII) such as customer names, physical and email addresses, phone numbers, and order details—impacting both retail and commercial buyers.

This breach raises significant concerns about privacy and data security in the retail industry. Given the scale and nature of the exposure, the risks include phishing, social engineering, and financial fraud.

You can find the full report here: https://www.vpnmentor.com/news/report-sabo-breach/

VPN Mentor just published cybersecurity researcher Jeremiah Fowler’s latest findings, revealing a non-password-protected database containing 245,949 records (286.9 GB), tied to a Texas-based tax credit consultancy.

The exposed data includes PII such as full names, Social Security Numbers, driver’s licenses, military discharge forms, physical addresses, employment-related documents—many containing sensitive tax or financial details, and more.

This breach raises serious concerns about privacy and data handling within the tax credit industry. Given the nature and scope of the exposure, the risks include identity theft, financial fraud, and targeted phishing attacks.

You can find the full report here: https://www.vpnmentor.com/news/report-rockerbox-breach/

UPDATE: Erich Kron, Security Awareness Advocate at KnowBe4, commented:

“Breaches like this, with so much personal and tax-related information can be a real issue for the victims. The information is more than enough to steal an identity or to give attackers data they can use to make scams seem very convincing. 

“Organizations that collect and process information, such as this, need to ensure that security is a top priority within the organization. Employees should be educated about social engineering attacks, the way most breaches start, and have technical controls in place to ensure data is encrypted and kept safe. Data Leakage Prevention (DLP) tools are critical in an organization like this, as are policies and procedures with a focus on data protection.”

New research from vpnMentor reveals: VR headsets can identify users with 94% accuracy in under two minutes—using only motion data.

Key findings:

• 94% accuracy. Users can be uniquely identified after 100 seconds of head and hand movement—comparable to fingerprints.
• Biometric and voice data. 60% of VR companies collect biometric data (including Apple, Microsoft); 66% record audio/voice.
• Data leaders: Qualcomm collects all 16 tracked data categories (most of any company); Pico and Varjo follow close behind.
• Legal gaps. 70% of Oculus apps have undisclosed or inconsistent data practices; current privacy laws don’t fully cover real-time VR tracking.
• Cross-border risks. Companies routinely transfer user data—including sensitive biometrics—outside users’ home countries.

The full report, with rankings and data by company can be found here:
https://www.vpnmentor.com/blog/vr-data-collection-research/

vpn Mentor just published a report about an increase of VPN demand in France following the European Commission’s Digital Services Act requirements of age verification resulting in some adult sites geo-blocking users from the country.

Their research team conducted an analysis of user demand data in France after PornHub, YouPorn and RedTube geo-blocked the country and they observed a significant surge of 874% in VPN demand after they restricted access from within the country.

You’ll find all the details to their findings here: https://www.vpnmentor.com/news/france-vpn-surge/

vpn Mentor just published cybersecurity researcher Jeremiah Fowler’s latest findings, revealing a non-password protected database linked to an app-building platform designed for creators, coaches, influencers, celebrities, and entrepreneurs.

The database exposed 3,637,107 records totaling 12.2 TB, including names, emails, physical addresses, profile images, internal documents, invoices, payment files, and other sensitive data.

This breach raises major concerns about privacy and platform security. With so much sensitive data exposed, the risks of phishing, fraud, and identity theft are high.

You can find the full report here: https://www.vpnmentor.com/news/report-passionapps-breach/

The research team at  vpnMentor analyzed a random sample of 79 major class action lawsuits from the past five years to highlight emerging trends, in order to study whether billion-dollar lawsuits are truly holding tech firms accountable, or if they’re simply reshaping their business strategies.

Key findings at a glance:

• Privacy-related lawsuits account for 73.4% of tech cases. Furthermore, Most tech lawsuits are filed in the US (88.4%), with California leading among the states at (68.4%).
• While the US remains the epicenter of privacy lawsuits (88%), countries like Australia, France, Ireland, and the Netherlands (4% each) are also tightening privacy regulations to protect consumers from tech-related risks.
• Big tech companies have faced 43 lawsuits since 2018, with Alphabet leading at 10 cases. Privacy violations are the most common (55.8%), followed by tech product recalls (25.6%) and AI-driven privacy concerns (18.6%).
• Notable companies like Apple, Alphabet (Google), Meta, and Samsung have faced significant regulatory fines and class action lawsuits over privacy and data security issues, with damages reaching hundreds of millions of dollars (USD).

While legal battles have led to multi-billion-dollar settlements, many cases are still pending, highlighting the challenges in resolving disputes and stopping harmful practices in tech industries. As regulatory scrutiny intensifies worldwide, the long-term impact of these legal actions on industry practices remains to be seen.

You can access the report here: https://www.vpnmentor.com/blog/tech-class-actions-research/