“The server itself did not contain any user activity logs none of our applications send user-created credentials for authentication, so usernames and passwords couldn’t have been intercepted either,” said the spokesperson. NordVPN did not name the data center provider. The attacker gained access to the server - which had been active for about a month - by exploiting an insecure remote management system left by the data center provider NordVPN said it was unaware that such a system existed. “One of the data centers in Finland we are renting our servers from was accessed with no authorization,” said NordVPN spokesperson Laura Tyrell. NordVPN told TechCrunch that one of its data centers was accessed in March 2018. “We don’t track, collect, or share your private data,” the company says.īut the breach is likely to cause alarm that hackers may have been in a position to access some user data. That’s left many providers open to scrutiny, as often it’s not clear if each provider is logging every site a user visits.įor its part, NordVPN has claimed a “zero logs” policy. But often that means displacing your browsing history from your internet provider to your VPN provider. These providers channel all of your internet traffic through one encrypted pipe, making it more difficult for anyone on the internet to see which sites you are visiting or which apps you are using. That’s why journalists and activists often use these services, particularly when they’re working in hostile states. VPN providers are increasingly popular as they ostensibly provide privacy from your internet provider and visiting sites about your internet browsing traffic. It first emerged that NordVPN had an expired internal private key exposed, potentially allowing anyone to spin out their own servers imitating NordVPN. The admission comes following rumors that the company had been breached. NordVPN, a virtual private network provider that promises to “protect your privacy online,” has confirmed it was hacked.
0 kommentar(er)
