430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

ProtonMail logged IP address of French activist after foreign request approved by Swiss authorities

A police report revealed that the popular encrypted email service provider ProtonMail shared the IP address of a French activist with the authorities. The privacy friendly end-to-end encrypted email service provider ProtonMail has shared the IP address of anti-gentrification activists with law enforcement authorities, a police report revealed. The police used this information to identify and arrest a […]

protonmail

A police report revealed that the popular encrypted email service provider ProtonMail shared the IP address of a French activist with the authorities.

The privacy friendly end-to-end encrypted email service provider ProtonMail has shared the IP address of anti-gentrification activists with law enforcement authorities, a police report revealed.

The police used this information to identify and arrest a France activist who was using the popular service.

The company states that it doesn’t log IP addresses, except when it has to comply with local regulation. In this specific case, it received the request for information from the Swiss police, which was contacted by French authorities via Europol.

“According to their story, French police sent an Europol request to ProtonMail in order to uncover the identity of the person who created a ProtonMail account — the group was using this email address to communicate. The address has also been shared on various anarchist websites.” reported the TechCrunch website. “The next day, @MuArF on Twitter shared an abstract of a police report detailing ProtonMail’s reply. According to @MuArF, the police report is related to the ongoing investigation against the group who occupied various premises around Place Sainte-Marthe.”

“Proton must comply with Swiss law. As soon as a crime is committed, privacy protections can be suspended and we’re required by Swiss law to answer requests from Swiss authorities,” ProtonMail’s founder and CEO Andy Yen wrote.

Yen pointed out that his company did not provide support to the Europol either the French police, it only complied with a foreign request approved by Swiss authorities.

“In this case, Proton received a legally binding order from the Swiss Federal Department of Justice which we are obligated to comply with. There was no possibility to appeal or fight this particular request because an act contrary to Swiss law did in fact take place (and this was also the final determination of the Federal Department of Justice which does a legal review of each case).” the company wrote on Reddit.

“No personal information is required to create your secure email account. By default, we do not keep any IP logs which can be linked to your anonymous email account. Your privacy comes first.” states ProtonMail on its website.

Users could continue to use ProtonMail, but experts recommend them to use a VPN or access it through the Tor network.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, ProtonMail)

[adrotate banner=”5″]

[adrotate banner=”13″]