Η NordVPN announced that one of its servers was breached in March 2018, exposing the browsing habits of customers who used the VPN service to not disclose their personal data.
Η NordVPN reports that the compromised server is located in Finland and does not contain logs, usernames or passwords. However, the attacker could see the activity of internet users during a connection, although according to the company the content of the sites would most likely be encrypted.
In recent years h NordVPN appears too much on the internet due to a very aggressive advertising promotion. You will often see ads and posts related to NordVPN. Everyone claims that this is a super duper secure company, although we all know that there is no security online.
The company promotes its product as a very reliable way to keep your online life private, but server breaches may pose new potential customers.
Of course the company is trying to downplay the fact. Tom Okman, a company executive, told TheVerge:
Attackers could only have compromised this server to track traffic and see which web pages they were browsing and not the content, only the webpage - for a limited time, and only in this isolated area.
Okman reported that NordVPN usually changes the server each user connects to every five minutes or so, but users can choose the country to connect to. This means that users would be affected for minimal periods of time.
Details of the breach began circulating over the weekend by security investigators. In one Publication on the company blog this morning, the NordVPN stated that he had been aware of the breach for "a few months", but did not immediately disclose the problem because he wanted to control the other systems;
According to the company, the violation was limited to a single server.
The server was vulnerable between January 31, 2018 and March 20, 2018, but the NordVPN believes it was violated only once, in March.
The attack did not affect any other data centers, the company said, and that it stopped cooperating with the company that provided them with that server.
Can a breach be as painless as the company describes?
Okman states that the company does not believe that information has been leaked, and that the NordVPN will notify its customers of the breach via email, something it should have done months ago.
"I wouldn't call this a hack", Said Okman. "It's an isolated security breach - hack is a very powerful word in this case. "