NordVPN hit with major data breach

News
By published

NordVPN and Torguard have come clean; VikingVPN has yet to confirm

NordVPN running on an Android smartphone being held in one hand

Editor's note: NordVPN and TorGuard have both published statements on their respective sites providing more details on the incident.

One of the world's most popular VPN providers has revealed it was hacked by an unidentified party following a major data breach.

Details are still scant but the virtual private network provider has confirmed one of its datacenters was penetrated in March 2018.

"A few months ago, we became aware of an incident in March 2018 when a server at a datacenter in Finland we had been renting servers from was accessed without authorization," the company wrote in a blog post. "This was done through an insecure remote management system account that the datacenter had added without our knowledge. The datacenter deleted the user accounts that the intruder had exploited rather than notify us."

While NordVPN has a “zero log” policy that was recently independently audited, one may question the motives of the hacker or hackers. 

“The server itself did not contain any user activity logs; none of our applications send user-created credentials for authentication, so usernames and passwords couldn’t have been intercepted either,” the blog added.

“On the same note, the only possible way to abuse the website traffic was by performing a personalized and complicated man-in-the-middle attack to intercept a single connection that tried to access NordVPN.”

"This was an isolated case, and no other servers or datacenter providers we use have been affected."

Two separate VPN issues

The hackers were able to identify an insecure remote management system that was operated by the datacenter provider and had full root access to a container server thanks to an expired TLS certificate.

In the own words of fellow hacker @hexdefined, this allowed “full control of everything in it (presumably including the ability to view and tamper with all network traffic going through it)”.

To make things even more interesting, two other VPN providers, access logs of VikingVPN and Torguard were also published alongside NordVPN on 8Chan, a possible indication that all three providers used the same data center.

  • Discover the world's best services with our best VPN guide

Via Techcrunch 

TOPICS
Desire Athow
Desire Athow
Managing Editor, TechRadar Pro

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website builders and web hosting when DHTML and frames were in vogue and started narrating about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium.

Latest in VPN Privacy & Security
A computer file surrounded by red laser beams
Cover your tracks: the risk of sending unencrypted files
Using an Amazon Fire Stick on a Smart TV
How to use a VPN with Fire Stick
Close up of PS5 DualSense controller leaning on a PS5
5 reasons your PS5 needs a VPN
Tor
What is Onion over VPN?
In this photo illustration a Google Play logo seen displayed on a smartphone.
Why is there so much spyware hidden in the Play Store?
PrivadoVPN running on an iPhone during TechRadar's VPN tests
Why PrivadoVPN Free is still the best free VPN for streaming
Latest in News
Google Pixel 8a in aloe green showing
Google Pixel 9a benchmark link teases the performance of the upcoming mid-ranger
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 17 (game #1148)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 17 (game #379)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 17 (game #645)
Apple iPhone 16 Pro HANDS ON
Leaked iPhone 17 dummy units may have given us our best look yet at all four models
A super close up image of the Google Gemini app in the Play Store
It's official: Google Assistant will be retired for phones this year, with Gemini taking over
More about vpn privacy security
A computer file surrounded by red laser beams

Cover your tracks: the risk of sending unencrypted files
Using an Amazon Fire Stick on a Smart TV

How to use a VPN with Fire Stick
Poco F6 Pro in white from the back showing its Camera array and branding

For a mid-range handset, the Poco F6 Pro is premium in more ways than one, but I found it hard to ignore some of its key pitfalls
See more latest
Most Popular
BraX3
This obscure brand wants to launch the most privacy-friendly smartphone ever without Google, but with a mysterious open-source OS at its core
HAMR
Seagate reportedly sold two billion GBs worth of storage to two of the world's largest tech companies
Google Pixel 8a in aloe green showing
Google Pixel 9a benchmark link teases the performance of the upcoming mid-ranger
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 17 (game #645)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 17 (game #379)
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 17 (game #1148)
Oracle
Bluehost owner is moving to Oracle Cloud, so could thousands of websites be about to migrate?
Money
Financial leaders still rely on regular tools like Excel for automation tasks over AI
Two examples of the Asus Fragrance Mouse MD101 sitting on a table
Your next computer mouse could have a fragrance compartment for aromatherapy oils – and this Asus idea is nothing to sniff at
Apple iPhone 16 Pro HANDS ON
Leaked iPhone 17 dummy units may have given us our best look yet at all four models