Which VPNs Leak Your Data? (90+ Tested)

JP Jones - CTO @ Top10VPN

JP is our CTO and with over 25 years of software engineering and networking experience oversees all technical aspects of our VPN testing process. Read full bio

VPN leaks can expose your IP address and activity to anyone viewing your connection. Unless you know how to detect them, you may never know they’re happening. Find out which VPNs leak with up-to-date research from our experts.

Illustration of two characters trying to fix a leaking pipe.

Many VPN services that claim to protect your privacy are in fact leaking your IP address, DNS requests, and location without you even knowing it.

Your VPN connection might seem safe: there are no notifications or errors, your provider has a strict no-logging policy, a great jurisdiction, and super-fast speeds. But your internet service provider (ISP), government, and anyone else looking at your traffic can still see absolutely everything you do online.

One study of free VPN applications found that over 80% of the VPNs tested leaked their users’ IP address. Our own study has confirmed that 25% of the most popular free Android VPN apps fail to protect users due to DNS and other leaks. Unless you know how to detect these leaks, you might never find out that your VPN is leaking.

There is no room for error with these leaks: just one leaked data packet is enough to reveal your identity and activity to anyone viewing your connection.

So which VPNs are actually worth your trust?

We tested 90 of the most popular VPN providers on the market for data leaks. Our research revealed that a significant number of popular VPNs leak some kind of user data through DNS or WebRTC:

  • 19% leak user data in some form
  • 16% leak DNS requests
  • 6% leak your IP address through WebRTC

We found leaks in as many as 17 of the VPNs we’ve reviewed. That’s 19% of the ‘best’ VPNs on the market. For a list of all 90 VPNs and the data they leak, take a look at our VPN leaks comparison table below.

What Is a VPN Leak?

A VPN ‘leak’ occurs when personal information is exposed that could be traced back to your true identity. This typically refers to your IP address, DNS information, or geographic location.

VPN leaks allow your ISP, government, and any other third party monitoring your connection to determine your identity and activity. For this reason, a leaking VPN is fundamentally useless.

You undoubtedly want to keep this information private, so VPN providers market themselves accordingly. The truth is, however, that most VPN connection protocols were not actually designed with privacy in mind.

By default, most protocols send DNS requests to default servers. They leak IPv4 traffic when forced to reconnect, and they are usually completely oblivious to IPv6 traffic. Only the VPNs specifically developed to offset these problems will offer you protection.

Illustration of four types of VPN Leak

Here is a summary of the four main types of VPN leak:

  • IP Address leaks: IP leaks occur when your VPN fails to mask your personal IP address with one of its own. This is a significant privacy risk as your ISP and any websites you visit will be able to link your activity to your identity.
  • DNS leaks: A VPN is supposed to route your DNS requests to its own DNS servers. If your VPN routes these requests to your ISP’s DNS servers instead, it’s called a DNS leak. This exposes your browsing activity and any websites you visit to any other eavesdroppers.
  • WebRTC leaks: WebRTC is a browser-based technology that allows audio and video communications to work inside web pages. WebRTC has clever ways of discovering your true IP address even if a VPN is on. The best VPNs block WebRTC requests. Alternatively, you can disable WebRTC completely at the browser level.
  • IPv6 leaks: IPv6 is a new form of IP address that is not currently supported by most VPNs. Unless a VPN supports or actively blocks IPv6, your personal IPv6 address can be exposed if you’re on an IPv6-enabled network.

To find out if your VPN is working as it should, you can conduct a basic manual test for IP leaks using our IP checker tool, or another IP testing website like browserleaks.com. Simply check your IP address before and after connecting to a VPN server – if your IP doesn’t change, your VPN isn’t working.

There are also more advanced VPN leak tests you can run at home. While these tests will help you take a closer look at your VPN traffic, they will require significantly more technical knowledge.

You can use a testing suite to collect and inspect your VPN traffic. Building a testing suite can be quite complex and will depend on the operating system you’re using. You can find free, open-source testing tools online on websites like GitHub.

ExpressVPN also has an advanced testing suite used to check its apps for leaks. You can find this testing suite available for free here, as well as this helpful quick-start guide.

Screenshot of ExpressVPN's VPN leak testing suite.

ExpressVPN’s open-source VPN leak testing tools.

If you’re seriously concerned about your online privacy and security, it’s wise to run some advanced tests with your VPN rather than relying solely on basic tests to detect any problems.

If you don’t feel technically confident enough to follow advanced instructions, it’s sensible to choose a VPN provider that has been independently reviewed and verified by a trusted third party.

If your VPN has tested positive for leaks and you’d like to fix or prevent them, it might be time to choose a new VPN provider.

Which VPNs Leak Your Data? (90+ Tested)

illustration of two characters fixing a leaking server

We tested 90 of the most popular VPN services for data leaks. Our research revealed that a significant number of VPNs leak some kind of user data through DNS or WebRTC.

We found that of the 90 services tested:

  • 19% leak user data in some form.
  • 16% leak DNS requests.
  • 6% leak your IP address through WebRTC.

The following tables list all 90 VPNs and the specific types of data they leak. If you’re searching for a specific VPN, use Ctrl+F to find the provider you’re looking for. If a field is marked with an asterisk, it means we detected a leak when using the VPN’s browser extension or other custom application.

If you’d like to skip this table, you can jump straight to the bottom line on VPN leaks.

VPN Leaks: The Bottom Line

Data leaks pose a significant risk to your online privacy, especially if you’re using a VPN for torrenting or streaming.

Your VPN could be exposing your identity and activity to anyone viewing your internet connection, and unless you take active steps to test it, you may never know.

The first step to protecting your privacy is choosing a trustworthy VPN provider that has been verified by an expert third party. Check the research in this guide to make sure your chosen provider hasn’t got a history of poor security, and make sure you test your VPN regularly if you’re truly concerned about your anonymity.

Finally, never take a VPN’s marketing statements as absolute truth.

About the Author


  • JP Jones

    JP is our CTO and with over 25 years of software engineering and networking experience oversees all technical aspects of our VPN testing process. Read full bio