After our article on the NordVPN Hack, officials from NordVPN reached out to us clarifying the reason for the hack.
The Facts: What Actually Happened
As per the email sent to us, the official states that,
- There are no signs showing that any of our customers were affected or that their data was accessed by the malicious actor.
- While being connected to the server, the hacker could only see what an ordinary ISP would see, but it could not have been personalized or linked to a particular user.
- The intruder managed to gain access to a single server we were renting from a Finnish data center.
- The server itself did not contain any user activity logs. None of our applications send user-created credentials for authentication, so usernames and passwords couldn’t have been intercepted.
- Our service as a whole was not hacked; our code was not hacked; the VPN tunnel was not breached. The NordVPN applications are unaffected. It was an individual instance of unauthorized access to 1 of more than 5000 servers we have.
- The hacker managed to access this server because of the mistakes made by the data center owner, of which we were not aware.
- As soon as we found out about the issue, we ceased our relationship with this particular data center and shredded the server.
- It was not a targeted attack against NordVPN – as the media has discovered, at least two other VPN services were affected. There’s a chance that other services that rented servers from this data center could have been affected as well.
- The incident effectively showed that the affected server did not contain any user activity logs. To prevent any similar incidents, among other means, we encrypt the hard disk of each new server we build. The security of our customers is the highest priority for us and we will raise the standards even more.
The official has made it clear that the hack of their data center has not affected any user data and the tunnel is safe.
The company has made it clear that the mistake of the server owner resulted in the hack and no mistake was made by Nord VPN. The server was shredded on April 13th, 2019 after the breach was detected.
The clarification from the NordVPN officials has brought some comfort to the users of this reputed VPN service that puts user anonymity as its top priority.