NordVPN hit with major data breach

News
By published

NordVPN and Torguard have come clean; VikingVPN has yet to confirm

NordVPN running on an Android smartphone being held in one hand

Editor's note: NordVPN and TorGuard have both published statements on their respective sites providing more details on the incident.

One of the world's most popular VPN providers has revealed it was hacked by an unidentified party following a major data breach.

Details are still scant but the virtual private network provider has confirmed one of its datacenters was penetrated in March 2018.

"A few months ago, we became aware of an incident in March 2018 when a server at a datacenter in Finland we had been renting servers from was accessed without authorization," the company wrote in a blog post. "This was done through an insecure remote management system account that the datacenter had added without our knowledge. The datacenter deleted the user accounts that the intruder had exploited rather than notify us."

While NordVPN has a “zero log” policy that was recently independently audited, one may question the motives of the hacker or hackers. 

“The server itself did not contain any user activity logs; none of our applications send user-created credentials for authentication, so usernames and passwords couldn’t have been intercepted either,” the blog added.

“On the same note, the only possible way to abuse the website traffic was by performing a personalized and complicated man-in-the-middle attack to intercept a single connection that tried to access NordVPN.”

"This was an isolated case, and no other servers or datacenter providers we use have been affected."

Two separate VPN issues

The hackers were able to identify an insecure remote management system that was operated by the datacenter provider and had full root access to a container server thanks to an expired TLS certificate.

In the own words of fellow hacker @hexdefined, this allowed “full control of everything in it (presumably including the ability to view and tamper with all network traffic going through it)”.

To make things even more interesting, two other VPN providers, access logs of VikingVPN and Torguard were also published alongside NordVPN on 8Chan, a possible indication that all three providers used the same data center.

  • Discover the world's best services with our best VPN guide

Via Techcrunch 

TOPICS
Desire Athow
Desire Athow
Managing Editor, TechRadar Pro

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website builders and web hosting when DHTML and frames were in vogue and started narrating about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium.

Latest in VPN Privacy & Security
Tor
What is Onion over VPN?
In this photo illustration a Google Play logo seen displayed on a smartphone.
Why is there so much spyware hidden in the Play Store?
PrivadoVPN running on an iPhone during TechRadar's VPN tests
Why PrivadoVPN Free is still the best free VPN for streaming
Homepage of CloudFlare website on the display of PC, url - CloudFlare.com.
"Network blocking is never going to be the solution" – Cloudflare slams anti-piracy tactics
Panels at RightsCon 2025 during a press briefing about the latest Access Now report of internet shutdowns
2024 was the worst year on record for internet freedoms – again
Vector illustration of the word Censored in a glitch distorted style
Google, Apple, and internet restriction – how Big Tech is making censorship "much worse" according to experts
Latest in News
The Russo brothers posing for a photograph and Herman carrying a Volkswagen camper van in The Electric State
'We're optimists': AI enthusiasts Joe and Anthony Russo defend its use in movies and TV shows, but admit there are 'very real dangers' around its application
UK Prime Minister Sir Kier Starmer
UK PM says AI should soon replace civil servants
Xbox Copilot in Minecraft
Microsoft confirms Copilot can be tested by Xbox Insiders next month and shares new details about how the AI sidekick will enhance the player experience: 'It has to be about gameplay, it has to be personalized to you'
Eight Samsung TVs mounted to the wall showing different basketball games
Samsung is offering you 8 new TVs in one bundle for March Madness, in case you want to watch all games at once like a Bond villain’s lair
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.
Microsoft warns about a new phishing campaign impersonating Booking.com
The Steam Logo on a mobile phone in front of a wall of games.
Today’s Steam Spring Sale features my absolute favorite game of all time - here's when the sale starts and all the key info
More about vpn privacy security
Tor

What is Onion over VPN?
In this photo illustration a Google Play logo seen displayed on a smartphone.

Why is there so much spyware hidden in the Play Store?
Workers in a futuristic office

40% of IT leaders scared to admit mistakes due to workplace culture of fear
See more latest
Most Popular
Workers in a futuristic office
40% of IT leaders scared to admit mistakes due to workplace culture of fear
13-inch and 15-inch MacBook Air M4 in Sky Blue
The new Apple MacBook Air M4 has a weird quirk with its performance cores - but it's nothing to worry about
The Russo brothers posing for a photograph and Herman carrying a Volkswagen camper van in The Electric State
'We're optimists': AI enthusiasts Joe and Anthony Russo defend its use in movies and TV shows, but admit there are 'very real dangers' around its application
Xbox Copilot in Minecraft
Microsoft confirms Copilot can be tested by Xbox Insiders next month and shares new details about how the AI sidekick will enhance the player experience: 'It has to be about gameplay, it has to be personalized to you'
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.
Microsoft warns about a new phishing campaign impersonating Booking.com
Dune Awakening screenshot showing the exploration of The O'odham
Latest Dune Awakening trailer provides a deeper look at open-world exploration on the planet Arrakis
close-up of soundbar mesh with Sonos branding
Sonos reportedly cancels its streaming video player, but I hope it resurrects one part of it, because it could be huge
A close-up photo of an iPhone, with the App Store icon prominent in the center of the image.
Thousands of iOS apps found to expose user data and leak Stripe keys
Emily takes a selfie in front of her apartment window in Rome in Emily in Paris
Emily in Paris season 5: everything we know so far about the hit Netflix show’s return
Eight Samsung TVs mounted to the wall showing different basketball games
Samsung is offering you 8 new TVs in one bundle for March Madness, in case you want to watch all games at once like a Bond villain’s lair