Date: 2019-10-22

NordVPN is one of the biggest virtual private network (VPN) providers across the globe. The company claims to “protect your privacy online.” Now, contrary to that claim, it has confirmed that it was hacked. The confirmation came after it was revealed that an expired internal private key belonging to NordVPN had been exposed, potentially allowing anyone to spin up their own servers imitating the service.

VPN providers channel users' internet traffic through encrypted pipes, which makes it difficult for anyone to track their internet usage. However, this means that the VPN provider gets the data instead, and it might log that data. NordVPN, on the other hand, claims to have a strict zero logs policy. On its website, the company claims: “We don’t track, collect, or share your private data.”

NordVPN has told TechCrunch that one of its data centres in Finland was accessed in March 2018. The company states that the attacker gained access to the server by exploiting an insecure remote management system left by the data centre provider.

The company claims that the server did not contain any user activity logs, as none of its applications sends user-created credentials for authentication. The only possible abuse would have been a personalised and complicated man-in-the-middle attack to intercept a single connection. The company claims to have waited this long to disclose the breach because it wanted to make sure that each component within its infrastructure was secure.

NordVPN also told TechCrunch that it installs intrusion detection systems to detect breaches early. However, it says it is impossible to know about an undisclosed remote management system left by the data centre provider.

The report also claims that several other VPN providers, like TorGuard and VikingVPN, may have been breached around the same time.