One of the world's most popular VPN providers has revealed it was hacked by an unidentified party following a major data breach.
Details are still scant but the virtual private network provider has confirmed one of its datacenters was penetrated in March 2018.
"A few months ago, we became aware of an incident in March 2018 when a server at a datacenter in Finland we had been renting servers from was accessed without authorization," the company wrote in a blog post. "This was done through an insecure remote management system account that the datacenter had added without our knowledge. The datacenter deleted the user accounts that the intruder had exploited rather than notify us."
While NordVPN has a “zero log” policy that was recently independently audited, one may question the motives of the hacker or hackers.
“The server itself did not contain any user activity logs; none of our applications send user-created credentials for authentication, so usernames and passwords couldn’t have been intercepted either,” the blog added.
“On the same note, the only possible way to abuse the website traffic was by performing a personalized and complicated man-in-the-middle attack to intercept a single connection that tried to access NordVPN.”
"This was an isolated case, and no other servers or datacenter providers we use have been affected."