Around 20% of today’s top VPN solutions are leaking the customer’s IP address via a WebRTC bug known since January 2015. Security researcher Paolo Stagno recently audited 83 VPN apps on this old IP leak. 17 VPN clients were found to leak the user’s private IP address while surfing the web via a browser. Around 80 commercial VPN providers remained untested at the time of writing, and some of them have never heard of the leak. The bestVPN.com also discovered that 26 out of 115 VPN clients kept some types of log files.
Source: https://www.bleepingcomputer.com/news/security/many-vpn-providers-leak-customers-ip-address-via-webrtc-bug/