The news is only now out that NordVPN was compromised back in 2018. Naturally, this is quite the blow given that before this incident, the provider was among the most reliable online privacy apps. Whether you are a current user or are in the market for a VPN, you are probably wondering whether it is still safe to use NordVPN for your online privacy needs.
In this article, we will give you the lowdown on the breach, what it means, and whether this once high-flying VPN is still worth using.
How The NordVPN Hack Happened?
According to the provider, hackers accessed one of its servers located in Finland and obtained an encryption key, which they could have used to access users’ data.
NordVPN attributes this breach to the fact that a third-party provider from whom the VPN company was renting servers installed an unsecured remote management software on the server, something NordVPN was unaware of.
Many VPN providers, this one included, rent some of their servers from external datacenters and, unfortunately, this can make the VPN service vulnerable to hackers.
By obtaining the said encryption key, which has now expired, the hackers might have been able to see some data, mainly the same kind that is available to your ISP.
Who Did The Breach Affect?
When such a security breach happens, one wonders how much and what kind of user information was compromised. NordVPN says that the attack only targeted a single server and none of its other 5000+ servers were compromised.
The hackers’ intention was likely to access information such as usernames and passwords. However, since NordVPN has a strict no-logs policy, this information was not stored on the server. The VPN provider also does not send user-created information for authentication, which goes a step further to keep customers’ identities private.
Still, the hackers could see the IP addresses of the websites that users on the Finland server were visiting but they could not see the websites’ content. As mentioned earlier, this is the same information your ISP provider is able to view.
What Has NordVPN Done About the Breach So Far?
Even though it happened in 2018, the company only decided to inform the public about the attack more than a year later. The reason for this, according to the company, is that they had to audit and reconfigure their 5000+ servers distributed all over the world, a feat that takes quite some time.
In addition to conducting an internal audit of its servers, it has stopped working with the third-party datacenter and removed that server from NordVPN’s infrastructure. The VPN company also says that it is now keener on vetting server providers to ensure such an attack does not repeat itself.
Lastly, the provider admits that its server hard drives were unencrypted but following this incident, the hard drives of all its servers are fully encrypted to prevent unauthorized access to any data written on the hard drives, thereby keeping users safer.
Can You Still Be Safe Using NordVPN?
The news that a trusted VPN such as NordVPN was attacked is definitely a cause for alarm. Hackers are always devising new ways of accessing confidential information and it is unfortunate that NordVPN was unable to catch up and prevent this from happening.
Other providers, for example, ExpressVPN have gone the extra mile and developed ironclad technology that allows servers to run on RAM only and wipes data every time a server is rebooted.
PricewaterhouseCoopers (PwC) audited ExpressVPN’s TrustedServer technology and found that indeed, ExpressVPN servers do not store any sensitive data. Therefore, ExpressVPN might be a good alternative if you are looking for a failsafe VPN service. In fact, it is one of the best VPNs to use in Canada and many other countries.
That being said, NordVPN has taken significant steps to prevent a repeat of such a breach. That is why it is still a safe bet if you simply want to access geo-blocked content or need some privacy when browsing legal content.