Connect with us

Internet

NordVPN says they were breached ‘a few months ago’ and definitely not hacked

NordVPN says “no other server on our network has been affected.”

hacker on computer security Chinese government

NordVPN, one of the most highest-rated VPNs and one we just recently recommended, says they have been hacked, reports TechCrunch. The company said that one of its rented data centers in Finland was accessed without the company’s authorization back in March of 2018.

Apparently, the hacker had access to the server for about a month and was able to gain access by exploiting the data center provider’s remote management system. A system NordVPN said they never knew existed. NordVPN explains to TechCrunch:

“The server itself did not contain any user activity logs; none of our applications send user-created credentials for authentication, so usernames and passwords couldn’t have been intercepted either,” said the spokesperson. “On the same note, the only possible way to abuse the website traffic was by performing a personalized and complicated man-in-the-middle attack to intercept a single connection that tried to access NordVPN.”

Uhhh, the breach was discovered months ago

According to NordVPN, the breach was discovered “a few months ago” but the company didn’t announce anything until the company was “100% sure that each component within our infrastructure is secure.” Yea, that’s not good.

TechCrunch reached out to a security researcher and had them review the statement and evidence of the breach, and the biggest takeaway here is that they found the findings “troubling.”

“While this is unconfirmed and we await further forensic evidence, this is an indication of a full remote compromise of this provider’s systems,” the security researcher said. “That should be deeply concerning to anyone who uses or promotes these particular services.”

NordVPN reached out to KnowTechie in an email and stresses the fact that their “service has not been hacked,” a company spokesperson wrote. “None of the information available on the one server can be used to impersonate or decrypt the traffic of any other. This was an isolated case of one data-center in Finland. It did not impact thousands of other servers in any way, it is virtually impossible to do that.”

The company issued a full statement on their website, which you can read here.

It’s possible NordVPN isn’t the only VPN provider that’s being affected by this. Further rumblings online suggest that other popular VPN providers are being targeted in this breach too. So it’s safe to say, if you’re using a VPN right now, keep it safe.

Do you use NordVPN? Have any thoughts on this? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Comments

More in Internet