NordVPN data breach

NordVPN Data Hacked

Last updated on May 11, 2021

How to Protect Your Data against VPN’s Breaches

NordVPN, one of the most widely used VPN services in the world, has confirmed that it has been breached. With one of the largest server bases around the world and over 5,000 servers across 58 countries, it was hacked back in March 2018, despite the popular NordVPN being big on both security and privacy. News of this security breach came out just a few days ago due to the company wanting to be “100% sure that each component within our infrastructure is secure.

A Virtual Private Network works by tunneling your online data through an encrypted tunnel, making it much more difficult to be discoverable to ISPs, government agencies or any third parties that may want to steal your sensitive information. Professionals including journalists, reporters, and others with sensitive data use this form of online protection in order to safeguard their identities especially in countries with high levels of censorship.

Laura Tyrell, a spokesperson for the VPN giant explains how NordVPN was hacked saying,

One of the data centers in Finland we are renting our servers from was accessed with no authorization.”

The cybercriminal in question managed to gain access to a server that had been active for approximately one month, using an insecure remote management system, one which NordVPN wasn’t aware of. By gaining the Transport Layer Security key which is used to verify that a site is run by NordVPN, the hacker opened the door for a man in the middle attack.

When it comes to security, NordVPN is bulletproof, and as it states on the NordVPN website:

We do not store connection timestamps, session information, used bandwidth, traffic data, IP addresses, or other data. Nothing to store – nothing to share with anyone.

A spokesperson stated that user accounts and data have not been compromised in the NordVPN data breach. 

The server in question did not contain any activity logs and sensitive information such as passwords and usernames were not intercepted. Additionally, soon after the attack added measures including various audits were completed in order to maximize security and make sure nothing else was overlooked.

While many VPN companies wouldn’t even admit to such a breach, NordVPN should be commended for their transparency and the company has also canceled its contract with the data center in question, making sure that this doesn’t ever happen again.

Of course, this is not the first time such a breach has occurred. TorGuard was one such company that suffered a security breach in 2017 with a single compromised server which was removed from its network in 2018. TorGuard also terminated all business with that hosting reseller due to continuous suspicious activity.

Exact details about how the attacker gained unauthorized access are not available to the masses as yet due to there being an ongoing lawsuit.

There is also news that VPNViking suffered from a similar cyberattack, however, the company has not yet come forward about the incident.

If you want to stay safe whilst online, and have been thinking of investing in a VPN, you might wish to add some more steps to ensure complete privacy.

Think about it, you won’t just put one lock on your front door to make sure that intruders cannot break-in. Similarly, a VPN as a standalone online security precaution will only get you so far.

To maximize your online privacy, you might want to think about using a password manager as well as having a VPN. This will allow you a secure an automated spot to store your passwords as well as sensitive information such as contact numbers, addresses, social security numbers as well as your credit card details.

A password manager will require you to remember just one master password, and will take care of everything else, placing all your most valuable data in a vault.

In addition to a password manager, investing in antivirus software is a must, especially with the rates on cybercriminal attacks on the rise. Protect yourself from man in the middle attacks, worms, phishing attacks, Trojans, malware, spyware as well as fraudulent links being sent via emails and instant messages.

A reputable antivirus will have real-time protection, detecting threats as they attempt to attack your devices and alert you to them. Minimize system intrusions by lowering the chances of Why are more and cybercriminals exploiting any vulnerabilities with great antivirus software.

Remember to keep your AV updated at all times and practice safe internet habits such as not opening attachments from unknown sources. A combination of all these methods, as well as having a VPN will allow you to maximize your online internet security.

NordVPN Data Breach Conclusion

The NordVPN data breach that occurred in 2018 may have only come to light recently, but it is a problem that all VPN services potentially face. The fact that NordVPN was transparent about their issues makes them more trustworthy as a user’s potential VPN provider.

The truth of the matter is that the cyberattacks that have left NordVPN hacked, and other similar events are possible. This means that users themselves need to cover their tracks wherever possible in terms of online data protection. In addition to picking from one of our top picks of VPN, you will want to also think about installing a password manager as well as investing in reliable antivirus software.

Article comments