A court case in Sydney, Australia, in which a man is accused of stealing personal information from an Australian property valuation company and uploading it onto the dark web is set to shine a light once more on VPNs, user logs, and attempts to conceal online crimes.
Stephen Bruce Grant, 49, from Rozelle, in the inner west of Sydney, is accused of publishing the personal details of more than 270,000 people on the dark web.
It is claimed that he stole the information from Landmark White, an ASX listed company that was subsequently forced to suspend trading on its shares, lost clients, and had to fire staff after losing considerable sums as a result of the leak.
The information that Grant is alleged to have stolen includes posted names, addresses, phone numbers and financial information. But it is the way in which these crimes were committed and Grant appears to have tried to cover them up that are of most interest.
How VPNs and Tor were used to cover up crimes
According to Nick Borosh, Crown Prosecutor in the case, investigators have managed to link enough of the information to Grant to justify the 22 criminal charges he faces.
He notes that many of the uploads of information came from a variety of different international locations. These included the likes of the Czech Republic, Johannesburg in South Africa, and Luxembourg.
However, the prosecution claims that all of these locations were actually created by Grant using the Tor network to mask his real location. They also claimed that Grant was using a VPN to hide his location in a similar way, although the VPN in question has not yet been named.
Interestingly, they haven't presented evidence of his online activities while connected to a VPN, which strongly suggests that he used a VPN which has a genuine no user logs guarantee, meaning that this information doesn't exist.
But the prosecution has proved that Grant had a paid account with this VPN. Regular readers will know that we tend to flag when VPNs collect subscriber data in our reviews.
This case shows why this information can be important and emphasises why we stress that if you are privacy-conscious, the best method of payment for your VPN is with a semi-anonymous cryptocurrency.
However, in the case of Grant, there is further evidence which appears to point to his guilt.
One upload of personal information from Landmark White was made using the free public Wi-Fi network at Sydney Airport and investigators have not only managed to show that Grant was at the airport that day, flying from Sydney to Melbourne, but they have also proved that the upload came from a laptop belonging to him.
Again, the insecure nature of public Wi-Fi is something we have flagged many times on this site. It is safe to say that Grant cannot have been using his VPN on this occasion if they have managed to glean so much information about him.
Uploads made in the following days were similarly traced to the public Wi-Fi of the Novotel Hotel in Melbourne, where Grant was staying on his trip.
As well as this, accounts related to the case were set up using fake names, which investigators claim were a reference to the names and nicknames of Grant's work colleagues. Another was made from an IP Address linked to his work.
References to the file names of some of the leaked documents were also found on one of his company's servers.
The role of VPN evidence
This particular case is ongoing and it would be wrong to speculate over whether Grant was guilty of the crimes which he has been charged with or not at this stage. But the evidence that has come to light so far does look fairly compelling.
The evidence linked to his use of VPNs and the TOR network is not the most damning but it is among the most interesting. Presumably, if this evidence alone was all that the prosecution had against Grant, this case would not have come to court.
Being able to prove that he is a user of a VPN that was used to upload these files shows nothing because any VPN will have hundreds or even thousands of other users on the same VPN servers at the same time.
But this information, together with the other evidence does appear to make a compelling case.
This case highlights why a VPN is important to keep your online activity private. The key evidence against Grant has been gathered from occasions when he wasn't using a VPN.
But it also serves to highlight the importance of a VPN's no user logs guarantee and emphasises how, if you want genuine online privacy (not for criminal use, of course), going the extra yard to get a somewhat anonymous VPN account using an anonymous email address and cryptocurrency, is the only way to do it.