rwt-as logo
Story image

Hackers access NordVPN server, users unaffected

23 Oct 2019

NordVPN announced that one of its servers was breached in 2018, allowing a malicious actor to access the server it was renting from a Finnish data centre.

The company issued a media statement saying there are no signs showing that any of its customers were affected or that their data was accessed by the attacker.

While being connected to the server, the hacker could only see what an ordinary ISP would see, but it could not have been personalised or linked to a particular user.

The server itself did not contain any user activity logs.

The statement said that none of NordVPN’s applications send user-created credentials for authentication, so usernames and passwords couldn't have been intercepted.

“Our service as a whole was not hacked; our code was not hacked; the VPN tunnel was not breached.

“The NordVPN applications are unaffected. It was an individual instance of unauthorised access to 1 of more than 5000 servers we have.”

The hacker managed to access this server because of the mistakes made by the data centre owner, of which NordVPN was not aware.

As soon as we found out about the issue, the company ceased its relationship with this particular data centre and shredded the server.

The stamement said it was not a targeted attack against NordVPN as at least two other VPN services were affected.

To prevent any similar incidents, among other means, NordVPN encrypts the hard disk of each new server it builds.

“The security of our customers is the highest priority for us.”

Timeline:

1. The affected server was brought online on January 31st, 2018.

2. Evidence of the breach appeared in public on March 5th, 2018.

3. The potential for unauthorised access to the server was restricted when the data centre deleted the undisclosed management account on March 20th, 2018.

4. The server was shredded on April 13, 2019 – when NordVPN suspected a possible breach.

ESET cybersecurity specialist Jake Moore says, “No doubt privacy purists will jump on this and try to call Nord and other services out, but using a VPN is still hugely advised to protect online anonymity.

“This is especially true in hostile states, where some apps or websites are banned.

“VPNs are also extremely useful when using public Wi-Fi, and this news shouldn’t put you off. It will still be more secure to use a VPN than not using one at all,” he says.

Story image
Apple pledges 100% carbon neutrality by 2030
The commitment includes efforts to reduce carbon emissions by bolstering the use of low-carbon or recycled materials, investment into energy-efficient projects, as well as investment in conservation and environmental restoration programmes around the world.More
Download image
Go passwordless with the Crypto-of-Things
Common password/OTP authentication is riddles with security weak points - so why is the Crypto-of-Things a better solution?More
Story image
It's time to sculpt the future of hybrid work, says Poly report
“The next normal is all about hybrid working moving to the mainstream as we respond, redesign and reinvent — flexible working across multiple locations, with immersive, productive workspaces that accommodate the work style of every employee."More
Story image
Hands-on review: Bose Noise Cancelling Headphones 700
The 700s follow in the footsteps of the QuietComfort 35 II and are a must-have for travelling businesspeople and audiophiles alike. More
Story image
Interview: ThreatQuotient champions threat intelligence through virtual 'situation rooms'
To understand what it involves and some of the collaboration challenges that come with distributing threat intelligence amongst specialised security teams, we spoke to ThreatQuotient APJC regional director Anthony Stitt.More
Story image
Forcepoint Dynamic Edge Protection delivers data-centric SASE solutions
The Dynamic Edge Protection suite includes new cloud security gateway and private access offerings through its SASE solution architecture.More