NordVPN Breached Via Data Center Provider's Error
The VPN company said that one of its 3,000 servers in a third-party data center was open to exploitation through a misconfigured management tool.
NordVPN, a popular consumer VPN provider, has provided details on an intrusion that affected one of its 3,000 servers. According to the company, the March 2018 cyberattack did not expose any user credentials or history to outsiders.
In a NordVPN blog post, blog editor Daniel Markuson wrote that the breach was due to the actions of a third-party provider. He explained that the breach occurred in "…an insecure remote management system account that the datacenter had added without our knowledge. The datacenter deleted the user accounts that the intruder had exploited rather than notify us." NordVPN has since terminated its contract with the provider.
NordVPN was not alone in being hit by the attack; VPN providers TorGuard and VikingVPN were also affected. All three have said that no user data or credentials were exposed by the events.
This free, all-day online conference offers a look at the latest tools, strategies, and best practices for protecting your organization’s most sensitive data. Click for more information and, to register, here.
About the Author
You May Also Like
Transform Your Security Operations And Move Beyond Legacy SIEM
Nov 6, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024