NordVPN Breached Via Data Center Provider's Error
The VPN company said that one of its 3,000 servers in a third-party data center was open to exploitation through a misconfigured management tool.
NordVPN, a popular consumer VPN provider, has provided details on an intrusion that affected one of its 3,000 servers. According to the company, the March 2018 cyberattack did not expose any user credentials or history to outsiders.
In a NordVPN blog post, blog editor Daniel Markuson wrote that the breach was due to the actions of a third-party provider. He explained that the breach occurred in "…an insecure remote management system account that the datacenter had added without our knowledge. The datacenter deleted the user accounts that the intruder had exploited rather than notify us." NordVPN has since terminated its contract with the provider.
NordVPN was not alone in being hit by the attack; VPN providers TorGuard and VikingVPN were also affected. All three have said that no user data or credentials were exposed by the events.
This free, all-day online conference offers a look at the latest tools, strategies, and best practices for protecting your organization’s most sensitive data. Click for more information and, to register, here.
About the Author
You May Also Like