It bothers me that VPN providers advertise how using public wifi is "insecure" and that you need a VPN to be safe. It's a bald faced lie and they know it.
I have always felt this way about VPN's and they become the gate-keepers of your data. Then they are "hacked" and it becomes public information for sale.
Also regarding the article, you can prevent your ISP from seeing your DNS lookups by using DNS over HTTPS such as with a pi-hole: https://docs.pi-hole.net/guides/dns-over-https/