Two Proton users were suspended after publishing an investigation into cybersecurity risks within the South Korean government. Proton says it suspended hactivists, not journalists.

Proton Mail, an encrypted email messaging service, allegedly disabled the accounts of two journalists investigating cybersecurity breaches in the South Korean government. The company, however, argues that the accounts belonged to "hactivists who were involved in a number of hacking incidents," in violation of Proton's terms of service.

Proton, based in Switzerland, is commonly used by people seeking highly secure communications and has been blocked in countries with strict internet censorship, like Russia and Turkey. Many news organizations use the service to manage tips.

According to The Intercept, two journalists were working on an article about an “APT,” or advanced persistent threat, that had penetrated computer networks at numerous vital government agencies in South Korea, including the Ministry of Foreign Affairs and the military’s Defense Counterintelligence Command.

They had set up a new Proton Mail account to manage "responsible disclosures" for the article, which is where ethical hackers disclose vulnerabilities to organizations. A week after the article was published by Phrack, a hacker-focused magazine, the account was suspended, and one of the article's authors found that his personal Proton Mail account had also been suspended.

On X, Phrack asked Proton, “Why are you cancelling journalists and ghosting us?”

In a reply on X, Proton’s official account said the company was “alerted by a CERT that certain accounts were being misused by hackers in violation of Proton’s Terms of Service,” leading to their disabling. A CERT is an official government agency working on cybersecurity, such as the US Computer Emergency Readiness Team (US-CERT) in the Department of Homeland Security.

Proton’s CEO later announced that the accounts were reinstated. A spokesperson told PCMag that the company "made the decision to exceptionally restore two accounts because hactivism cases are not always black and white."

On X, Proton said it "stands with journalists," and noted that it "cannot see the content of accounts and therefore cannot always know when anti-abuse measures may inadvertently affect legitimate activism." Still, the spokesperson argues that "while the [suspended] users might claim to be journalists, their primary activity is hacking and not journalism," adding "Proton didn't suspend journalists, we suspended hactivists who violated ToS."

"As a Swiss company, we do not comply with legal requests from foreign authorities, but if Swiss authorities open a case, we are obligated by law to assist to the extent possible," Proton said on X.

The relationship between encrypted messaging services and governments continues to be a big issue in 2025. Last month, the UK government dropped its mandate requiring Apple to provide backdoor access to Americans' iCloud data.

I’m a reporter covering weekend news. Before joining PCMag in 2024, I picked up bylines in BBC News, The Guardian, The Times of London, The Daily Beast, Vice, Slate, Fast Company, The Evening Standard, The i, TechRadar, and Decrypt Media.

I’ve been a PC gamer since you had to install games from multiple CD-ROMs by hand. As a reporter, I’m passionate about the intersection of tech and human lives. I’ve covered everything from crypto scandals to the art world, as well as conspiracy theories, UK politics, and Russia and foreign affairs.