When people use a VPN they expect it to keep them safe from having their data snooped on when browsing online. There are several VPN options out there, some providers log customer data and some do not log any data. Norad VPN claims that it has claimed a “zero logs” policy and has a vast number of users.
NordVPN spokesperson Laura Tyrell has confirmed to TechCrunch that one of its data centres in Finland was accessed in March 2018.
The attacker managed to gain access to the server which had been active for about a month, the attacker was able to exploit an insecure remote management system left by the data centre provider. The spokesperson said that NordVPN was unaware that such a system existed.
None of the applications sends user-created credentials for authentication and the data centres in Finland that are rented did not contain any user activity logs, usernames or passwords and users are safe. In a statement to Tech Crunch NordVPN said it found out about the breach a “few months ago,” but the spokesperson said the breach was not disclosed until today because the company wanted to be “100% sure that each component within our infrastructure is secure.”
A security researcher said, “While this is unconfirmed and we await further forensic evidence, this is an indication of a full remote compromise of this provider’s systems, that should be deeply concerning to anyone who uses or promotes these particular services.”
Rumours have surfaced that TorGuard and VikingVPN may have also been compromised and spokesperson for TorGuard told TechCrunch that a “single server” was compromised in 2017 but denied that any VPN traffic was accessed. TorGuard also put out an extensive statement following a May blog post, which first revealed the breach.