A Virtual Private Network (VPN) is a lifesaver when it comes to accessing the internet anonymously. A lot of netizens are using VPN these days to keep their browsing information secured. NordVPN, which is recommended by popular tech blogs like CNET, TechRadar, and PCMag has admitted that it has been hacked.
There were many rumors spread about NordVPN that the company had been breached, followed by another news that the VPN had an expired internal private key exposed. This endangered the privacy of its users.
VPNs are much-in-demand among journalists, activists, and everyone who wanted to access the internet privately without revealing what they are browsing on the internet. VPN providers channelize internet traffic through encryption and thus hiding it from the rest of the world. However, whatever a user is browsing using a VPN, they are exposed to the VPN provider, and therefore, VPN providers are open to scrutiny.
In the case of NordVPN, the company made sure to its users that it follows a ‘Zero Logs’ policy, hence it does not track, collect, and share any of the information about its users.
NordVPN speaks on the data breach of one of its centers in March 2018. Laura Tyrell, the spokesperson of NordVPN, said that “One of the data centers in Finland we are renting our servers from was accessed with no authorization.”
Clarifying more on the incident, they said that hackers took advantage of an insecure data management system at one of its centers and accessed the server for about a month. The company accepted that it was not aware of such a loophole in the system. Till now, NordVPN didn’t mention the name of the data center that was compromised.
“The server itself did not contain any user activity logs, none of our applications send user-created credentials for authentication, so usernames and passwords couldn’t have been intercepted either. On the same note, the only possible way to abuse the website traffic was by performing a personalized and complicated man-in-the-middle attack to intercept a single connection that tried to access NordVPN.”, as stated by the spokesperson of NordVPN.
However, NordVPN has also said that the key exposed to hackers can’t be exploited to access other data centers. If we believe the tech sources, the company had found the breach a few months ago, but the spokesperson, denying this fact, says that the breach was not disclosed before today. Further added, that the company always tried to ensure 100% security of users’ data and privacy.
One of its security researchers revealed that the company is avoiding the future issues of being attacked by hackers on its other servers as well. The researcher said that the situation is like, “Your car was just stolen and taken on a joy ride, and you’re quibbling about which buttons were pushed on the radio? They spent millions on ads, but apparently nothing on effective defensive security”.
The company, in its favor, said that all the data servers have intrusion detection systems installed, but uncertainty occurs, and no one in the company knew about the weak remote management system. Eventually, NordVPN has confirmed about the breach and ensure that other servers are secure to access. After this incident came to light, it has been anticipated that probably there are many other VPN providers that may have been breached. Users should be, therefore, very careful and alert before opting for any VPN service next time.