HomeNewsNordVPN confirms data center breach

NordVPN confirms data center breach

If you purchase via links on our reader-supported site, we may receive affiliate commissions.

NordVPN, a well known virtual private network said on Monday that there was a was data breach in 2018. The company said that the impact from the hack was insignificant so far, but it plans to upgrade its security setup.

The VPN company announced the March 2018 data breach on Monday, and it was reported earlier by TechCrunch. An illegal user got access to a lone server in a Finland data center that NordVPN was leasing from an unnamed provider, which did not reveal the hack. NordVPN mentioned that no passwords or username were intercepted.

More About The NordVPN Data Breach

Technicians at the organization discovered an account of the data breach a few months ago, which led to a security examination. The VPN provider said it discontinued its contract with the data center and confirmed that none of its servers could be accessed in the same manner. In a press release on Monday, the company said “We are taking all the vital means to strengthen our security. We have undertaken an application security review. We are also working on another no-logs audit right now. And we are planning a bug bounty plan.

We will do all we can to maximize the security of each phase of our service. We will launch an independent external audit of our infrastructure next year, to make sure that nothing is left out.”

A member of NordVPN’s tech advisory board,  Tom Okman,  told CNET that NordVPN is advancing its standards for the data centers it has contracted with. Okman said they accept that better methods could have been applied.

Okman said, “We are now undergoing an internal audit, so we are likely to set higher requirements for them, just to confirm that this incident will not happen again in the future,”.

Okman blamed the long delay in verifying the leak to an exhaustive review of NordVPN’s infrastructure.

He said, “We had to contact multiple centers around the world, to audit and confirm that there was no unverified account on any other server”.



Subscribe to SecureBlitz Newsletter

* indicates required
Abraham Faisal
Abraham Faisal
Abraham Faisal is a professional content writer. He has a strong passion for online privacy, cybersecurity and blockchain and is an advocate for online privacy. He has been writing about these topics since 2018 and is a regular contributor to a number of publications. He has a degree in Computer Science and has in-depth knowledge of the ever-evolving world of digital security. In his free time, he likes to travel and explore new cultures.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.