These days no person or company is safe from online threats. In fact, NordVPN, who we’ve partnered with, has confirmed that they were hacked on one of their remote servers early last year, in 2018. They’ve only publicized this news recently, and here’s what you need to know.
Where & How the Hack Occurred
If you already use NordVPN, you’ll know that they have many servers in different countries that you can connect to. This hack occurred on a single NordVPN server located in Finland.
NordVPN was renting this Finnish server from a data centre. However, the data centre had installed a remote management account on the server which NordVPN claims they were not aware of. This remote management account was not secured properly, which is how the hackers managed to gain access to the server.
What Was Breached?
The intruder was not able to access any sensitive information on the servers. The only information they had access to were TSL keys, which is often used in sophisticated MITM attacks but which NordVPN claims “could not and cannot be used to decrypt any encrypted NordVPN traffic data.“
There are also no signs that the hacker tried to monitor any of the traffic passing through the server and no user credentials for NordVPN customers were affected. NordVPN has also terminated its contract with this data center and began auditing its entire service.
Additionally, the attack does not appear to be targeted, as two other VPN providers were impacted in the same attack.
What NordVPN is Doing Now
To prevent hackers from obtaining their user activity logs, NordVPN has encrypted the hard disk of all their new servers. A new security plan has also been unveiled by the company with these 5 courses of action:
- Partnerships with a top cybersecurity consulting firm and cybersecurity thought leaders
- Bug bounty program
- Infrastructure security audit
- Vendor security assessment and higher security standards
- Diskless servers
And of course, if you’re already a NordVPN user you can be assured that your account credentials are not leaked and the service is now more secure than ever. Having said that, it’s always a good idea to change your passwords when something like this happens. Even if they weren’t affected, we should all be updating our passwords regularly anyways.
No company or individual is safe in this digitally-connected age but you can always do more by taking control of your online privacy.
And of course, at FixMeStick we will always try our best to keep you updated on any current news in the cybersecurity world so you can stay informed!
If you have any questions or concerns feel free to leave them in the comments below or send us an email at firstname.lastname@example.org.