Follow
If you use a VPN...
When was the last time you changed your password?
Is it long, complex, and random?
Have you enabled MFA?
Does your provider support MFA? (If not, consider a different provider.)
Has your VPN undergone a third-party security audit? (If not, consider a different provider.)
^ The above applies for all other online services.
Don't wait until your provider falls victim to a breach and your info appears in a database dump.
Be proactive. Assume your provider will be breached sooner rather than later, no matter how much you trust them.