ExpressVPN User Data Leaked Due to a Bug


ExpressVPN has disabled split tunneling on its Windows clients last week to address an issue in which DNS requests were not properly routed to its servers.

The VPN solutions provider revealed that the problem, which was first seen in May 2022 in ExpressVPN version 12.23.1, caused DNS requests to remain unprotected under specific circumstances. A user’s DNS requests are typically routed to ExpressVPN’s servers when they are connected.

The bug caused the requests to be routed to a third party, usually the internet service provider (ISP), unless otherwise set up. This third party could identify the domain the user visited, but not specific pages or other actions.

Read More: ExpressVPN User Data Exposed Due to Bug

Updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.