NordVPN one of the popular VPN services that promotes itself as a tool for protecting your online privacy says it was hacked. The company admitted that it was hacked after reports surfaced online that the company had been breached.
One of the rumors said that the compromised due to the leakage of one of their expired private keys, meaning that anyone can set up a server imitating the VPN service.
The company recently stated that one of its data centers was indeed breached in March 2018. It was reported that an unauthorized user gained access to one of the company’s data centers in Finland, which NordVPN was renting from a third-party provider.
The provider, who remained anonymous from the report, apparently did not disclose any details about the breach until NordVPNS’s tech team discovered about the issue a few months ago.
The hacker reportedly exploited an insecure remote management system left by the data center provider; that the VPN service company didn’t know existed in the first place.
NordVPN said it has already performed a security audit and has terminated its contract with the provider. They have also secured other data centers to ensure they cannot be accessed similarly.
No usernames or passwords were leaked since “the server itself did not contain any user activity logs,” stated a spokesperson to TechCrunch. The leaked expired key itself could not be used to decrypt the VPN traffic on any other server, the spokesperson added.
The company stated that “the only possible way to abuse the website traffic was by performing a personalized and complicated man-in-the-middle attack to intercept a single connection that tried to access NordVPN.”
NordVPN is not alone in this, though, other VPN services like VikingVPN and TorGuard have also been affected similarly. TorGuard says only a single server was breached back in 2017, but no VPN traffic was accessed.