{"id":20265,"date":"2025-03-22T12:00:14","date_gmt":"2025-03-22T11:00:14","guid":{"rendered":"https:\/\/cyberinsights.iainfraser.net\/?p=20265"},"modified":"2026-06-12T13:51:24","modified_gmt":"2026-06-12T11:51:24","slug":"protons-privacy-problem","status":"publish","type":"post","link":"https:\/\/smecyberinsights.co.uk\/index.php\/2025\/03\/22\/protons-privacy-problem\/","title":{"rendered":"REPORTAGE: Proton\u2019s Privacy Problem: Disturbing DNS Findings Raise Serious Red Flags"},"content":{"rendered":"\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t\t
\"Partners1_NordVPN\"<\/figure><\/div>
\"Partners3_R3\"<\/figure><\/div>
\"Partners2_Zoho\"<\/figure><\/div>
\"Partners4_Plesk\"<\/figure><\/div>
\"Red_Button_Slider\"<\/figure><\/div>
\"ogo2\"<\/figure><\/div>
\"Detection.<\/figure><\/div>\t\t\t<\/div>\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\"Yandex_main_office\"\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t
Image Credit: WikiFido via Wikimedia<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t

Helping Keep Small Business CYBERSafe
\n<\/strong>M\u00e1laga: Saturday, 22nd March 2025 at 12:00 CEST<\/p>\n

REPORTAGE: Proton\u2019s Privacy Problem: Disturbing DNS Findings Raise Serious Red Flags – Critical Threat Intelligence Ignored<\/strong>
\nBy Iain Fraser\/Reportage & Andy Jenkinson CIP<\/a>
\nvia\u00a0 CYBERInsights<\/a> – The UK Small Business Cybersecurity Network<\/a>
\n#CyberInsights #CyberSecurity #CyberAwareness #CyberSafe #SME #SmallBusiness\u00a0<\/em><\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t

\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t

Weeks ago, CyberInsights uncovered serious security vulnerabilities in Proton\u2019s<\/strong> infrastructure. Rather than addressing the issues, Proton responded with hostility and suppression\u2014an unusual reaction for a company built on privacy and transparency.<\/p>\n

This raises a crucial question: Why would a security-first company react this way? The answer may be more alarming than expected.<\/p>\n

Proton\u2019s Encryption Claims vs. Reality<\/strong>
\nProton<\/strong> prides itself on end-to-end encryption and zero-access security, assuring users that not even Proton<\/strong> can access their emails. However, our investigation revealed multiple security lapses, including:<\/p>\n

– Insecure DNS records
\n– Unprotected servers<\/p>\n

A troubling connection to Yandex\u2014Russia\u2019s largest search engine
\nWhy Is Yandex Inside Proton\u2019s<\/strong> Infrastructure? Our findings show Yandex is embedded within Proton\u2019s<\/strong> DNS records. This is deeply concerning, given Yandex\u2019s well-documented ties to data-harvesting and intelligence operations.<\/p>\n

Negligence or Intent?
\n<\/strong> Proton\u2019s<\/strong> Response Is Telling Rather than fixing these security risks, Proton<\/strong> chose silence and suppression. For a company that markets itself as a leader in privacy, this response raises a pressing question for users:<\/p>\n

\ud83d\udd39 Can you really trust Proton<\/strong> with your data?<\/p>\n

The evidence suggests otherwise.<\/p>\n

Stay Secure
\n<\/strong>What Small Businesses Should Do Next. If your business relies on Proton<\/strong> for secure communication, we strongly recommend:<\/p>\n

\u2705 Conducting a security audit of your email provider
\n\u2705 Exploring alternative encrypted email solutions
\n\u2705 Following CyberInsights for the latest security intelligence<\/p>\n

\ud83d\udee1 Your privacy matters. Don\u2019t let questionable security practices put your business at risk.<\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\tLEARN MORE \/...<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\"Image\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t
Image Credit: IfOnlyCommunications<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t

SMECYBER Insights \u2013 Helping Keep Small Business CYBERSafe!\u00a0<\/strong><\/p>\n

Launched in 2020 by\u00a0Cybersecurity Journalist<\/a>\u00a0Iain Fraser<\/strong>\u00a0and his team at\u00a0IfOnly…<\/strong><\/a> SMECYBERInsights<\/strong><\/a> was developed to be the go-to platform providing definitive, reliable & actionable Cybersecurity News, Intel,\u00a0 Awareness & Training specifically written and curated for Small Business<\/strong><\/a> & Enterprise Owners, Partners and Directors throughout the UK.\u00a0#SMECyberInsights #SMECyberSecurity #CyberAttack #CyberAwareness\u00a0 #Compliance #DDoS #Fraud #Ransomware #ScamAlert #SME #SmallBusiness #SmallBusinessOwner #ThreatIntel <\/span>\u00a0<\/em><\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t

\n\t\t\t\t\t
\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"Reportage\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t

About Andy Jenkinson<\/span><\/strong><\/p>\n

Group CEO CIP. Fellow Cyber Theory Institute. Director Fintech & Cyber Security Alliance (FITCA) working with Governments. Recognised Expert in Internet Asset & DNS Vulnerabilities.<\/span><\/strong><\/p>\n

Andy Jenkinson is a senior and seasoned innovative Executive with over 30 years\u2019 experience as a hands-on lateral thinking CEO, coach, and leader.<\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\tLEARN MORE \/...<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t\t
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"_CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Report<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t<\/path><\/svg>\t\t\t\t\t<\/div>\n\t\t\t\t\t
\n\t\t\t\t\t\t<\/path><\/svg>\t\t\t\t\t<\/div>\n\t\t\t\t\n\t\t\t\t\t\t\t\t\t
<\/div>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

Image Credit: WikiFido via Wikimedia LEARN MORE \/… Image Credit: IfOnlyCommunications LEARN MORE \/…<\/p>\n","protected":false},"author":1,"featured_media":20267,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"cybocfi_hide_featured_image":"yes","footnotes":""},"categories":[594],"tags":[595],"ppma_author":[505],"class_list":["post-20265","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-reportage","tag-reportage"],"featured_image_urls":{"full":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/03\/Yandex_main_office.jpg",640,480,false],"thumbnail":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/03\/Yandex_main_office-150x150.jpg",150,150,true],"medium":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/03\/Yandex_main_office-300x225.jpg",300,225,true],"medium_large":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/03\/Yandex_main_office.jpg",640,480,false],"large":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/03\/Yandex_main_office.jpg",640,480,false],"1536x1536":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/03\/Yandex_main_office.jpg",640,480,false],"2048x2048":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/03\/Yandex_main_office.jpg",640,480,false],"covernews-featured":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/03\/Yandex_main_office.jpg",640,480,false],"covernews-medium":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/03\/Yandex_main_office-540x340.jpg",540,340,true]},"author_info":{"display_name":"Cybersecurity Journalist Iain Fraser","author_link":false},"category_info":"REPORTAGE<\/a>","tag_info":"REPORTAGE","comment_count":"0","authors":[{"term_id":505,"user_id":1,"is_guest":0,"slug":"admin_yjdstq4n","display_name":"Cybersecurity Journalist Iain Fraser","avatar_url":{"url":"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/index_image440-removebg-preview.png","url2x":"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/index_image440-removebg-preview.png"},"author_category":"1","user_url":"http:\/\/smecyberinsights.co.uk","last_name":"Cybersecurity Journalist","first_name":"Iain Fraser","job_title":"","description":""}],"_links":{"self":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/20265","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/comments?post=20265"}],"version-history":[{"count":9,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/20265\/revisions"}],"predecessor-version":[{"id":29355,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/20265\/revisions\/29355"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/media\/20267"}],"wp:attachment":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/media?parent=20265"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/categories?post=20265"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/tags?post=20265"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/ppma_author?post=20265"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}