NordVPN confirms one of its servers was hacked

News
By published

The company says "no other server on our network has been affected."

(Image credit: Negative Space)

NordVPN, one of many VPNs (Virtual Private Networks) available to anyone with an internet connection, has confirmed it's been hacked. This admission comes on the heals of earlier rumors that the company had been breached. It appears an expired internal security key was exposed, allowing anyone outside the company unauthorized access. A NordVPN spokesperson said the breach was discovered a few months ago, but only made the information public today because it wanted to be "100 percent sure that each component within our infrastructure is secure."

The data breach happened in March of 2018, when an unauthorized individual accessed a server the company was renting in Finland. The server had been active for a month beforehand, and the attacker exploited an insecure remote management system left by the data center provider. While the company has intrusion detection systems installed to find breaches like this, it did not predict that it would or could come from a "remote management system left by the data center provider" as it did in this case. NordVPN said it was unaware that that system even existed.

However, the company maintains that the attacker did not gain access to activity logs, user-credentials, or any other sensitive information. NordVPN maintains what it says is a strict "zero logs" policy. "We don’t track, collect, or share your private data," the company says on its website.

Troubling, however, is that one NordVPN researcher, who declined to be identified, said this attack is indicative of a larger issue, a "full remote compromise of this provider's systems."

VPNs help protect your online data by creating a private network across a shared or public one—basically allowing anyone connected to the same network to send and receive data as if they were connected directly to a private network. Many corporations use VPN services for remote users, while for home use, VPNs are often used to circumvent things like geo-blocks to watch a video or access other media not available in a specific region. They can also connect to proxy servers to further protect personal identity on the internet (for good or evil intent).

If you are a NordVPN user and want to take precautions, there are other excellent VPN services that you might be interested in.

Thanks, TechCrunch.

Joanna Nelius
Joanna Nelius
When Joanna's not writing about gaming desktops, cloud gaming, or other hardware-related things, she's doing terrible stuff in The Sims 4, roleplaying as a Malkavian, or playing horror games that would give normal people nightmares. She also likes narrative adventures.
Latest in Security
An FBI wanted poster for alleged hacker Zhou Shuai.
US Justice Dept announces $10 million bounty on at-large 'hacker-for-hire' cabal it says targeted China critics, religious missionaries, and the Treasury
Kinzie, in an FBI jacket, uses a computer with the logo of the Third Street Saints on it
Have I Been Pwned adds over 284 million compromised passwords from latest breach
A still from a YouTube video of Senator Mark Warner speaking
Telecoms hack on US government officials is 'worst in nations history' and 'the barn door is still wide open' says senator
HDMI cable
Hackers can wirelessly spy on your display by collecting HDMI signal leaks and churning them through an AI, but I wouldn't break out the tin foil just yet
Computer code and text displayed on computer screens. Photographer: Chris Ratcliffe/Bloomberg
Forcing users to periodically change their passwords should go the way of the dodo according to the US government
An original Apple Macintosh Model M0001, as they celebrate 40th anniversary, is on display in between 2024 Apple models at the independent Apple products store chain Amac, on January 24, 2024 in Utrecht, The Netherlands. Based on the Motorola 68000 microprocessor, the Macintosh was the first successful mouse-driven computer with a graphical user interface.
Major browser providers scramble to patch an 18-year-old vulnerability affecting MacOS and Linux systems but Windows remains gloriously immune
Latest in News
An Enshrouded player in a recreation of Erebor from The Lord of the Rings
Kings under the Mountain! 33 Enshrouded players spent 10,000 hours to recreate this iconic location from The Lord of the Rings
A mech awakens.
Mecha Break developer is considering unlocking all mechs following open beta feedback
Lara Croft Unified Art
Tomb Raider developer Crystal Dynamics lays off 17 employees 'to better align our current business needs and the studio's future success'
A long bendy arm stealing money from people in a subway car
'You're a very long arm. You steal things. It's a comedy game,' explains developer of comedy game where you steal things with a very long arm
The heroes are attacked by monsters
Pillars of Eternity is getting turn-based combat to mark its 10th anniversary, and that means PC Gamer editors will soon be arguing about combat mechanics again
Image of Ronaldo from Fatal Fury: City of the Wolves trailer
It doesn't really make sense that soccer star Ronaldo is now a Fatal Fury character, but if you follow the money you can see how it happened
More about security
An FBI wanted poster for alleged hacker Zhou Shuai.

US Justice Dept announces $10 million bounty on at-large 'hacker-for-hire' cabal it says targeted China critics, religious missionaries, and the Treasury
Kinzie, in an FBI jacket, uses a computer with the logo of the Third Street Saints on it

Have I Been Pwned adds over 284 million compromised passwords from latest breach
kingdom come deliverance 2 thunderstone quest

Kingdom Come: Deliverance 2's masterful quest design can be summed up by one wonderfully weird search for a magic stone
See more latest
Most Popular
An Enshrouded player in a recreation of Erebor from The Lord of the Rings
Kings under the Mountain! 33 Enshrouded players spent 10,000 hours to recreate this iconic location from The Lord of the Rings
A mech awakens.
Mecha Break developer is considering unlocking all mechs following open beta feedback
Lara Croft Unified Art
Tomb Raider developer Crystal Dynamics lays off 17 employees 'to better align our current business needs and the studio's future success'
A long bendy arm stealing money from people in a subway car
'You're a very long arm. You steal things. It's a comedy game,' explains developer of comedy game where you steal things with a very long arm
The heroes are attacked by monsters
Pillars of Eternity is getting turn-based combat to mark its 10th anniversary, and that means PC Gamer editors will soon be arguing about combat mechanics again
Image of Ronaldo from Fatal Fury: City of the Wolves trailer
It doesn't really make sense that soccer star Ronaldo is now a Fatal Fury character, but if you follow the money you can see how it happened
Junah beginning a battle in Metaphor: ReFantazio.
Today's RPG fans are 'very sensitive to feeling like they wasted time' when they die, says Metaphor: ReFantazio battle planner—but Atlus still made combat hard anyway
Image of Cersei Lanniser from Game of Thrones: Kingsroad Steam early access trailer
A new Game of Thrones RPG is coming to Steam today with a cast of 'familiar faces,' which is good because it's really the only way to tell it's a GoT game at all
The new Prime Asset featured in the upcoming update for the Outlast Trials.
The Outlast Trials puts its already paranoid players under surveillance for a time-limited story event
A Viera looking confused in Final Fantasy 14.
Old armor continues to fall victim to Final Fantasy 14's bizarre two-channel dye system, unless you're super into changing the colour of teeny-tiny eyelets: 'Why even bother at this point?'