MyEtherWallet, one of the internet’s most popular services for managing cryptocurrencies, suffered a serious security breach for the second time this year after a widely-used VPN service was compromised for five hours.

MyEtherWallet (MEW) is used to access crypto wallets and send and receive tokens to/from other wallets. Today, it warned that users of its service who utilize the Hola, a free VPN which plugs into browsers and claims nearly 50 million users, may have been caught up in a malicious attack to steal crypto. Regulars users of MEW were not impacted by the breach.

The company said that Hola was compromised for a period of five hours, during which time any Hola users who navigated to MEW and accessed their wallet with the VPN switched on may have been affected. MEW is recommending anyone who used the site and VPN in the last 24 hours to transfer their tokens to a new wallet… assuming that they still have access to them.

The incident is a good reminder of why it is better to pay for a VPN service rather than use a free one. Back in 2015, Hola was accused of performing DDoS attacks “on demand” surreptitiously for paying clients using the computing power of its users so the writing has been on the wall.

MEW pointed TechCrunch to statements on Twitter when asked for comment on the incident. We contacted Hola for comment but had not heard back from the company at the time of writing.

It isn’t yet clear how many users were hit, but the situation recalls a similar incident in February when MEW was affected by a DNS attack that saw at least $365,000 of crypto stolen from users.

MEW is one of the most popular wallet services on the internet, but other options include MyCryptoa service launched by a former MEW co-founder — and Imtoken, which is run by a China-based company that recently raised $10 million from investors.

Note: The author owns a small amount of cryptocurrency. Enough to gain an understanding, not enough to change a life.