VFEmail almost loses 18 years’ worth of user data

11 Feb 2019

E-mail provider VFEmail suffered a hack aimed at destroying user data, almost losing 18 years’ worth of customer e-mail. On 11 February,  VFEmail tweeted that all externally facing systems in multiple data centers were down. Later, the company revealed that an attacker formatted all disks on every server and that every VM, file server and backup server were lost. On 17 February the company unearthed an older backup server which was last backed up in August 2016. The next day, all mailboxes prior to August 2016 became available at nl101.vfemail.net port 1144. The company tweeted it will not shut down and that it hopes it can recover user data between June 2016 and February 2019. They also clarified that the US data center has been vacated and that the company will run entirely from the data center in Netherlands.

Explore the issues

Privacy and data protection are two interrelated Internet governance issues. Data protection is a legal mechanism that ensures privacy. Privacy is usually defined as the right of any citizen to control their own personal information and to decide about it (to disclose information or not). Privacy is a fundamental human right. It is recognised in the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, and in many other international and regional human rights conventions. The July 2015 appointment of the first UN Special Rapporteur on the Right to Privacy in the Digital Age reflects the rising importance of privacy in global digital policy, and the recognition of the need to address privacy rights issues the the global, as well as national levels.

Cybercrime is crime committed via the Internet and computer systems. One category of cybercrimes are those affecting the confidentiality, integrity and availability of data and computer systems; they include: unauthorised access to computer systems, illegal interception of data transmissions, data interference (damaging, deletion, deterioration, alteration of suppression of data), system interf


The GIP Digital Watch observatory is provided by



and members of the GIP Steering Committee


GIP Digital Watch is operated by

Scroll to Top