When it comes to protecting online privacy, many people prefer Virtual Private Networks or VPNs. However, how do you guarantee your internet privacy when VPN servers get hacked? NordVPN, one of the most popular VPNs used by millions of users around the world, has confirmed that one of its servers was hacked back in March 2018.
An expired internal security key has been blamed for the breach. The company says that one of the data centers situated in Finland was accessed in an unauthorized manner. The hacker managed to breach the server by exploiting an insecure remote management system deployed by the data center provider. NordVPN says that it did not know about any such system prior to the breach.
NordVPN has confirmed that the hacked server did not contain any user data, including credentials as it does not log user data. Therefore, there is no chance that any user data was stolen from the server. The company has also said that there is no means to use the expired private key could for decrypting the VPN traffic on its other servers.
However, a bad actor could perform a tailor-made man-in-the-middle attack for a single connection accessing the NordVPN.
The VPN provider acknowledged that the breach of the server happened “a few months ago” but the reason why they did not divulge the information as they wanted to be “100% sure that each component within our infrastructure is secure.”
According to TechCrunch, NordVPN isn’t the only VPN provider that was hacked last year. It is believed that TorGuard and VikingVPN were also compromised in previous incidents.
Now, after the report of the breach, if you want to switch to any other VPN, here is the list of best VPNs you can refer to.