Welcome to this new edition of Mailfence’s Privacy and Cybersecurity Newsletter! With this newsletter, we aim to shed light on the most important topics of the day, thanks to our 20+ years of experience in the privacy and cybersecurity space.
This month, we bring you stories from Denmark’s government breaking free from Microsoft, how your phone number could be exposed through your Google account, as well as our privacy tip of the month: plus-addressing. Enjoy!
Denmark Replaces Microsoft with Linux & LibreOffice
Denmark is phasing out Microsoft Windows and Office 365 across government offices, opting instead for Linux and LibreOffice.
The move, led by the Ministry of Digital Affairs, is aimed at regaining digital sovereignty and eliminating the risks of vendor lock-in, where dependence on a single tech provider limits flexibility and inflates long-term costs. A recent study by Jurgen Gaeremyn highlighted how this critical dependency put public services such as fire departments and health systems at risk.
This shift is not just about software. It is a strategic step to ensure that public infrastructure remains under national control.
The government even built a fallback to restore Microsoft access if needed, which underscores both the ambition and caution behind the transition. Vendor lock-in can silently erode autonomy. Denmark’s decision highlights why governments worldwide should reconsider how much control they hand over to external platforms.
Researcher Exposes Google Phone Number Leak
A cybersecurity researcher known as brutecat discovered a Google flaw that let anyone reveal the phone number linked to a Google account. The exploit misused Looker Studio and allowed systematic guessing until a match exposed the user’s number.
These leaked numbers could enable SIM swapping attacks, giving attackers a path to hijack calls, bypass two-factor authentication, and seize control of email, crypto accounts, and more. Some numbers could be retrieved in under a minute.
Google patched the flaw and awarded a $5,000 bounty. Initially marked low risk, the issue was later reclassified as medium—highlighting how even minor data leaks can have major consequences.
Phone numbers are more than contact info. In the wrong hands, they can become tools for identity theft and account takeovers. This case reinforces the importance of creating accounts with the least amount of identifiable information possible, such as an email without a phone number.
Privacy Tip of the Month
This month, we are bringing you one of the most underutilised privacy tips out there: plus addressing.
Tired of spam invading your inbox? Plus addressing is a simple but powerful trick to spot, filter, and block unwanted emails. By adding “+something” to your Mailfence email address (e.g. you+newsletter@mailfence.com), you gain a clever way to identify who’s sharing or misusing your email.
It works like this: just add a keyword after a plus sign in your email (e.g. yourname+shop@mailfence.com) when signing up for a service. If that alias gets spammed, you’ll know exactly where the leak came from.
Here’s how to make it work for you:
- create custom addresses for different services using the “+” symbol;
- track misuse by monitoring which aliases attract unsolicited emails;
- set up filters in your Mailfence settings to flag, label, or delete spam tied to specific addresses;
- protect your real email identity without needing to manage multiple accounts.
This feature gives you better visibility into your email exposure, and a way to take action when privacy is breached.
Want to learn more? Check out our full blog post here.
Profitable reading
- How to Protect Yourself From Phone Searches at the US Border
- Cybercriminals Are Hiding Malicious Web Traffic in Plain Sight
- Criminalizing Masks at Protests is Wrong
- The Dangers of Consolidating All Government Information
- Inside the shadowy world of data brokers
- Google agrees to pay Texas $1.375bn over data-privacy claims
- Yes, your DNA can be up for sale
- Are AI Assistants built for us or to exploit us?
- Airlines Don’t Want You to Know They Sold Your Flight Data to DHS
- Why your biometric data will soon be more valuable than money
That’s it for now!
We hope you enjoyed this newsletter! We look forward to bringing more news from the world of online privacy and cybersecurity next month.
By the way, have you tried out the latest release of our mobile app, which includes our private and secure Calendar? Let us know your thoughts at support@mailfence.com!
Best,
Patrick
Get the latest privacy news in your inbox
Sign up to the Mailfence Newsletter.