PIA’s Q1 2025 Transparency Report Reveals No-Logs Commitment Amid Rising Cyber Threats

• In Q1 2025 transparency report, Private Internet Access (PIA) received 28 legal requests but disclosed no user data, reaffirming its strict no-logs policy.
• Global ransomware attacks reached an unprecedented 5,263 incidents in 2024, underscoring the escalating threat to digital security.
• Hacktivist DDoS and malware via fake CAPTCHAs rose sharply.

Private Internet Access (PIA) has released its Transparency Report for Q1 2025, reinforcing its commitment to user privacy. The report covers legal requests received between January 1 and March 31, and once again, PIA reports that it did not produce any user data—a result of its strict no-logs policy.

According to the report, the legal team received various types of requests, including subpoenas, state and federal notices, and foreign inquiries. The breakdown is as follows:

• Court orders: 0
• Subpoenas: 7
• Warrants: 0
• State notices: 3
• Federal notices: 5
• Foreign and informal requests: 13

Despite receiving 28 total requests, PIA did not share any user data because it simply doesn’t store any. “We do not collect, monitor, or store any information about your online activities,” the company reiterated in its announcement.

PIA also shared updates on bug bounty data and significant developments in the cybersecurity landscape from the first quarter of 2025.

Among the most pressing concerns was a historic surge in ransomware attacks, with 2,063 victims reported globally—the highest number recorded in a single quarter. Over half of these cases (59%) were based in the United States. The Akira ransomware group was noted as one of the most aggressive actors, often exploiting phishing emails or VPN vulnerabilities to access systems.

In addition, hacktivist-led DDoS attacks made headlines. Several prominent U.S. media outlets and e-commerce platforms, including CNN, CNBC, and Amazon, were targeted. The motivations were largely ideological, tied to opposition to U.S. foreign policy. Though most services were restored quickly, these attacks put heavy pressure on digital infrastructure and forced companies to activate DDoS mitigation tools and traffic rerouting strategies.

Another disturbing trend involved malware disguised as CAPTCHA verification. Cybercriminals used fake CAPTCHA pages to deliver the NetSupport remote access trojan. When users interacted with these pages, malicious scripts triggered in the background, giving attackers full remote control of affected systems. Once installed, the malware enabled data theft, surveillance, keylogging, and the delivery of further malicious payloads.

PIA concluded its report by reaffirming its stance: user privacy is non-negotiable, and no logs means no data to hand over, even when requests are made.

PIA’s no-logs policy has been independently verified previously too. In 2022, the company underwent its first Deloitte audit, confirming that it does not log user activity or connection data. This was followed by a second Deloitte audit in 2024, reaffirming its ongoing commitment to user privacy and transparency.

This quarterly report not only highlights how PIA handles legal pressures but also underscores the importance of vigilance in today’s fast-evolving digital threat landscape.