Cybernews security researchers discovered that free virtual private network service provider Bean VPN leaked personal information about millions of its users.
They found a database online with more than 18 GB of connection logs created by the application.
The database was found during a routine check using ElasticSearch. It contains more than 25 million entries, including information such as device IDs, Play service IDs, IP addresses, and connection marks. Researchers said that all of these items could be used to identify users.