NordVPN Admits Datacenter Hack From Back In 2018

  • NordVPN picked the wrong data center provider and is now paying it with negative publicity.
  • A malicious actor has compromised the unprotected server and had it running for a full month.
  • NordVPN knew about this since a few months ago, but they opted not to disclose it yet.

NordVPN, one of the most trustworthy VPN solutions out there, has just confirmed that they were hacked after compelling evidence was published by a Twitter user called “undefined” a few hours ago. As the hacker points out, whoever compromised NordVPN had root access to a container server, which means full control. The hacker also suggests that TorGuard, VikingVPN, and OpenVPN also had their server keys and TLS certificates stolen in the past, but there’s no official confirmation about this yet. Long story short, whoever had the expired internal keys exposed could launch their own NordVPN server clones with all that this entails for the users of the popular service.

Did this actually happen, and have people fallen victims of such a nasty Man in the Middle attack? In their official response, NordVPN tries to ease the fear about the incident by stating that the server which was compromised did not contain any user activity logs or user credentials, so no critical stuff could have been intercepted by the malicious actors. Moreover, they clarify that this was an isolated case, as one of their datacenter providers has left a remote management system unprotected by mistake. That said, all of the three thousand other datacenters used by them are perfectly safe, and have been safe all along. NordVPN says they double-checked that, so we don’t have any reason to dispute them.

NordVPN states that they became aware of the compromise a few months ago, but decided not to disclose the incident immediately because they wanted to make sure that no other parts of their infrastructure had been compromised. The company is attributing this delay to a large number of servers and the complexity of their infrastructure. Of course, disclosing it now that the “undefined” hacker published his/her discoveries isn’t helping a lot with maintaining a trusting rapport with their customers. As much as bad news this would be for its users, and as damaging as it would be for their business, we would have preferred NordVPN to disclose the incident much sooner.

Recently, NordVPN completed an in-depth penetration-testing security audit by VerSprite, and they are currently undergoing their second no-logs audit, so the software is still very robust and without a doubt, one of the best in the field. Still, having 0.03% of your infrastructure compromised can have a long-lasting harmful effect on your reputation.

Update: TorGuard has also admitted that its VPN services were compromised in September 2017. They traced the actor to an 8chan user who used expired ghostbin links to prove his crime. However, and because TorGuard was using secure PKI management, its main CA key was not affected. The team of the popular VPN service realized the breach in May 2019 and figured that they had already removed the hosting reseller from their network due to other incidents.

Will you continue to trust NordVPN, or are you changing products after this incident? Let us know in the comments down below, or join the discussion on our socials, on Facebook and Twitter.

How to Watch With Love Season 2 Online from Anywhere
It looks like With Love Season 2 is promising fans romance, drama, and loads of surprises for the Diaz family, starting with...
How to Watch Britain’s Got Talent 2023 Online Free: Live Stream BGT Season 16 From Anywhere
Britain's Got Talent returns in 2023 with a brand new awesome season, and you’ll be able to stream the show online from...
How to Watch Shiny Happy People: Duggar Family Secrets Online – Stream the Docuseries from Anywhere
Shiny Happy People: Duggar Family Secrets is a new documentary series about The Duggar family and their 19 kids and counting. We...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari