ExpressVPN was acquired by Kape Technologies for $936 million in September 2021. Kape was formerly known as Crossrider — a company that built browser extension infrastructure used to inject ads, redirect traffic, and collect user data before rebranding in 2018. The same company now owns ExpressVPN, Private Internet Access, CyberGhost, and ZenMate.
In early 2026, Kape Technologies was delisted from the London Stock Exchange and moved entirely under Teddy Sagi's Unikmind private group. Public companies have disclosure requirements. Private ones don't.
What you need to know:
- Kape Technologies' background matters. Its predecessor Crossrider distributed software that redirected browsers and collected data. That history is documented and relevant to trusting them with your traffic.
- ExpressVPN's response to trust concerns has been ISO certifications — ISO/IEC 27001, ISO 9001. These verify management processes, not traffic logging practices. They are not no-logs audits.
- A Windows IP leak in April 2025 was the second significant technical failure since the acquisition — RDP traffic exposed real IP addresses. The first was in 2022.
- Kape going private in 2026 removes the last external visibility into the parent company's operations and business relationships.
- User sentiment has declined sharply since the acquisition — complaints about speed, reliability, and pricing model complexity are documented across forums and review platforms.
I've tracked the ExpressVPN acquisition and its aftermath since 2021, including each technical incident and corporate structure change.
Before the Acquisition
ExpressVPN built its reputation on speed, polished apps, and aggressive affiliate marketing. Through the mid-2010s it was genuinely competitive on performance and had a reasonably clean trust record. Its affiliate program was among the most generous in the industry — and still is, which is why it dominated "best VPN" rankings despite the corporate history that followed.
The no-logs claim was never formally court-tested, but ExpressVPN had no documented logging incidents prior to the Kape acquisition.
The Kape Acquisition: Why It Raised Flags
Kape Technologies was founded by Teddy Sagi, an Israeli billionaire with a controlling stake in several technology holding companies. The predecessor entity, Crossrider, built software tools that third-party developers used to create browser extensions. Many of those extensions were used to inject ads, redirect browser traffic, and collect user data — documented by security researchers at the time.
Kape rebranded in 2018 and pivoted into cybersecurity and VPN acquisitions: first CyberGhost (2017), then PIA (2019), then Webselenese — the company operating several VPN review sites that consistently ranked Kape products first — and finally ExpressVPN in 2021.
The trajectory from adware infrastructure to owning four major privacy tools, plus the review sites evaluating those tools, is the concern. It doesn't prove malicious intent. It does make independent verification of their no-logs claims significantly harder to accept at face value.
What Changed After the Acquisition
Mass layoffs and talent departure — a significant portion of ExpressVPN's engineering team departed post-acquisition. The founders did not stay on in operational roles.
ISO certifications, not no-logs audits — ExpressVPN accumulated ISO/IEC 27001 and ISO 9001 certifications. These verify that an organization has appropriate security management systems. They do not verify what data is or isn't retained. They are categorically different from the infrastructure no-logs audits Mullvad and Proton VPN publish.
Two Windows IP leak incidents — in 2022, researchers documented ExpressVPN's split tunneling feature leaking DNS queries outside the VPN tunnel on Windows. In April 2025, a second incident: Windows RDP traffic exposed real IP addresses even with the VPN active. Both are technical failures, not logging incidents — but two such events post-acquisition in the same product category suggest engineering attention issues.
Pricing complexity — ExpressVPN's pricing has moved toward short-term plans and renewal pricing patterns that differ significantly from promotional rates.
Kape going private (2026) — removing ExpressVPN from public company disclosure requirements means less external visibility into Kape's operations, business relationships, and any law enforcement interactions.
Where Things Stand in 2026
ExpressVPN isn't provably unsafe. The documented concerns are about the ownership structure and what that means for trust — not confirmed logging incidents.
If you're currently on ExpressVPN for speed and geo-unblocking, the practical risk for most use cases is low. If you're using it specifically because you believe your traffic is private and anonymous, the case for that belief has weakened materially since 2021.
The providers that have demonstrated their no-logs claims through court tests and repeated independent infrastructure audits — Mullvad, Proton VPN, and IVPN — are covered in The Best Anonymous VPN Services in 2026. The full VPN comparison table covers audit status, jurisdiction, pricing, and Tor support side by side.
The full context on Kape's ownership across the industry and what it means for the VPN trust question is in VPN Industry 2026: Who Owns What, Who Can You Trust.
