Virtual private network provider NordVPN discloses 2018 breach
NordVPN, a major virtual private network provider with 12 million users worldwide, today disclosed that it suffered a security breach last year.
VPN applications such as NordVPN aim to enhance usersā privacy by routing their web traffic through encrypted connections that are for all intents and purposes isolated from the rest of the network. The connections run through servers operated by the service provider.Ā
According to NordVPN, last yearās breach saw a hacker compromise one of the rented servers it used for this purpose. The machine in question was running inside a Finnish data center and belonged to an unnamed hosting firm with whom NordVPN has since severed ties. The attacker gained accessed by exploiting a vulnerable remote management application that the hosting firm had installed on the server without notice, NordVPN said.Ā
NordVPNĀ technicians discovered the breach a few months ago and launched a security audit. The provider claims that no usernames or passwords were exposed, nor could the hacker exploit the compromised server to decrypt traffic processed by other nodes.
The attacker did, however, have access to the web activity of users whose requests were routed through the compromised machine. Moreover, TechCrunch reported,Ā attacker may have had the ability to set up malicious servers masquerading asĀ NordVPN systems. A security researcher who spoke with the outlet on condition of anonymity described the incident as ādeeply concerning.ā
NordVPN said that itās taking steps to avoid similar breaches in the future. The provider is preparing to launch a new security audit of its infrastructure, intends to retain outside experts for an independent evaluation next year and will set up a bug bounty program. Bug bounty programs encourage the cybersecurity community to report weaknesses in a companyās systems by offering financial rewards for submissions.
NordVPNās disclosure comes just hours after Avast Software s.r.o., one of the worldās largest antivirus providers, revealed that its network was breached via a poorly configured VPN account. The company said it believes that the hackers were targeting the business unit responsible for developing its CCleaner tool for removing unwanted files.Ā
Photo:Ā Unsplash
Since youāre here ā¦
ā¦ Weād like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.ās business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we donāt have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary onĀ SiliconANGLEĀ ā along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams atĀ theCUBEĀ ā take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.
If you like the reporting, video interviews and other ad-free content here,Ā please take a moment to check out a sample of the video content supported by our sponsors,Ā tweet your support, and keep coming back toĀ SiliconANGLE.
Gloss