NordVPN Was Hacked, the Company Confirms
Technology

NordVPN Was Hacked, the Company Confirms

Jill Abramson

NordVPN advertises itself as one of the most secure VPN services out there, but it cannot keep doing that at this point. The VPN service provider has confirmed that the service was hacked. There were rumors spread on the Internet that the company went through some breaches, but everything has been confirmed. As per the reports, there was a security issue regarding the internal private key and this flaw had allowed attackers could have been able to access user-data. It should be noted that NordVPN is one of the VPN services with a zero-logging policy, where user browsing history is not retained.

In an official statement given to TechCrunch, the spokesperson for NordVPN had admitted that the servers were accessed by a hacker in March 2018. This attacker could have unauthorized access to various data that was stored in the servers the company had in its Finland-based data center. The use of an insecure system for data management was the reason for the exploit and NordVPN claimed it had no knowledge of such an insecure system. The company had known about this exploit and the attack a few months back, but it had to keep everything under secure veil so that the issues could be addressed.

“The server itself did not contain any user activity logs; none of our applications send user-created credentials for authentication, so usernames and passwords couldn’t have been intercepted either. On the same note, the only possible way to abuse the website traffic was by performing a personalized and complicated man-in-the-middle attack to intercept a single connection that tried to access NordVPN,” said the spokesperson for NordVPN while explaining the issue that caused the breach. Despite the explanation from the company, completely trusting NordVPN for all your VPN needs, especially if you deal with sensitive data, may not be the best decision.