NordVPN Server Breach May Have Enabled Attacker to Monitor Traffic

NordVPN Server Breach May Have Enabled Attacker to Monitor Traffic

We are searching data for your request:

Forums and discussions:
Manuals and reference books:
Data from registers:
Wait the end of the search in all databases.
Upon completion, a link will appear to access the found materials.

When you use a VPN, you tend to believe your browsing information is secure and private. It usually is, however, when a server is breached that information becomes available to the attacker.

This happened to some of NordVPN's customers back in March 2018. The company stated that they've known about this information 'for a few months now'.

The server was located in Finland and did not encompass any activity logs, usernames, or passwords. However, the attacker will have been able to view the websites the users were browsing during this time.



Growing in popularity, NordVPN has been making a name for itself in the VPN world. After going through a massive advertising push, users have been flocking to use the company.

What NordVPN offers, like any other VPN company, is access to the internet via servers based in other countries. And what NordVPN offer their customers is protecting their privacy by hiding their browsing history.

NordVPN has been hacked https://t.co/QuoBf582Dgpic.twitter.com/JDw4i6lhLA

— PC Gamer (@pcgamer) October 22, 2019

However, with this server breach, the company's promise of privacy protection is a little skewed.

The Verge reported that Tom Okman, a member of NordVPN's tech advisory board said "potential attackers could have gotten only into that server and only intercept the traffic and seen what websites people are browsing — not the content, only the website — for a limited period of time, only in that isolated region."

Okman also stated that NordVPN switches the server that each customer is connected to every five minutes, and that the users could select which country they wanted to operate from.

VPN service NordVPN confirms data center breach https://t.co/hDagiwzJoC

— CNET (@CNET) October 21, 2019

This means that users would have only been impacted for a few minutes at a time. Furthermore, as this particular breached server was based in Finland, only users connected to the Finnish server would have been impacted.

Security researchers noted the breach this past weekend, and NordVPN was fast to respond in a blog post, in which they shared the information that they knew about the server breach "a few months ago".

The company said they did not disclose the information to the public as they were auditing other systems.

As per NordVPN, only the one server was breached. The issue happened because a datacenter installed a remote access system on the server, without informing the VPN provider. This system ended up being unsecure, which enabled an outsider to gain access.

The server was vulnerable between January and March 2018, however the server was only breached in March of that year.

NordVPN blames datacentre provider for server breach https://t.co/OLyZKThivY via @Hybrid_Circle#VMware#Hybrid

— HYBRID CIRCLE (@Hybrid_Circle) October 22, 2019

According to NordVPN, no other datacenters were affected, and they have since stopped working with the company that had the flawed server.

When describing the situation, Okman said "I would not call this a hack. This is an isolated security breach — hack is too powerful a word in this case."

Watch the video: Stop using VPNs for privacy. (July 2022).


  1. Vudozuru

    Great phrase and timely

  2. Guadalupe

    wonderfully valuable information

  3. Nejin

    You are wrong. Enter we'll discuss it. Write to me in PM, we will handle it.

  4. Kentigem

    In my opinion, they are wrong. I am able to prove it.

  5. Travon

    Interesting blog, added to rss reader

  6. Gocage

    Good topic

Write a message