Arab Press

بالشعب و للشعب
Monday, Aug 11, 2025

NordVPN hit with major data breach

NordVPN hit with major data breach

NordVPN and TorGuard have both published statements on their respective sites providing more details on the incident.

One of the world's most popular VPN providers has revealed it was hacked by an unidentified party following a major data breach.

Details are still scant but the virtual private network provider has confirmed one of its datacenters was penetrated in March 2018.

"A few months ago, we became aware of an incident in March 2018 when a server at a datacenter in Finland we had been renting servers from was accessed without authorization," the company wrote in a blog post. "This was done through an insecure remote management system account that the datacenter had added without our knowledge. The datacenter deleted the user accounts that the intruder had exploited rather than notify us."

While NordVPN has a “zero log” policy that was recently independently audited, one may question the motives of the hacker or hackers.

“The server itself did not contain any user activity logs; none of our applications send user-created credentials for authentication, so usernames and passwords couldn’t have been intercepted either,” the blog added.

“On the same note, the only possible way to abuse the website traffic was by performing a personalized and complicated man-in-the-middle attack to intercept a single connection that tried to access NordVPN.”

"This was an isolated case, and no other servers or datacenter providers we use have been affected."


Two separate VPN issues

The hackers were able to identify an insecure remote management system that was operated by the datacenter provider and had full root access to a container server thanks to an expired TLS certificate.

In the own words of fellow hacker @hexdefined, this allowed “full control of everything in it (presumably including the ability to view and tamper with all network traffic going through it)”.

To make things even more interesting, two other VPN providers, access logs of VikingVPN and Torguard were also published alongside NordVPN on 8Chan, a possible indication that all three providers used the same data center.

Newsletter

Related Articles

Arab Press
0:00
0:00
Close
Armenia and Azerbaijan to Sign US-Brokered Framework Agreement for Nakhchivan Corridor
British Labour Government Utilizes Counter-Terrorism Tools for Social Media Monitoring Against Legitimate Critics
WhatsApp Deletes 6.8 Million Scam Accounts Amid Rising Global Fraud
Texas Residents Face Water Restrictions While AI Data Centers Consume Millions of Gallons
India Rejects U.S. Tariff Threat, Defends Russian Oil Purchases
United States Establishes Strategic Bitcoin Reserve and Digital Asset Stockpile
Thousands of Private ChatGPT Conversations Accidentally Indexed by Google
China Tightens Mineral Controls, Curtailing Critical Inputs for Western Defence Contractors
JPMorgan and Coinbase Unveil Partnership to Let Chase Cardholders Buy Crypto Directly
British Tourist Dies Following Hair Transplant in Turkey, Police Investigate
WhatsApp Users Targeted in New Scam Involving Account Takeovers
Trump Deploys Nuclear Submarines After Threats from Former Russian President Medvedev
Germany’s Economic Breakdown and the Return of Militarization: From Industrial Collapse to a New Offensive Strategy
Germany Enters Fiscal Crisis as Cabinet Approves €174 Billion in New Debt
IMF Upgrades Global Growth Forecast as Weaker Dollar Supports Outlook
Politics is a good business: Barack Obama’s Reported Net Worth Growth, 1990–2025
UN's Top Court Declares Environmental Protection a Legal Obligation Under International Law
"Crazy Thing": OpenAI's Sam Altman Warns Of AI Voice Fraud Crisis In Banking
Japanese Prime Minister Vows to Stay After Coalition Loses Upper House Majority
President Trump Diagnosed with Chronic Venous Insufficiency After Leg Swelling
Man Dies After Being Pulled Into MRI Machine Due to Metal Chain in New York Clinic
FIFA Pressured to Rethink World Cup Calendar Due to Climate Change
Iranian President Reportedly Injured During Israeli Strike on Secret Facility
Kurdistan Workers Party Takes Symbolic Step Towards Peace in Northern Iraq
BRICS Expands Membership with Indonesia and Ten New Partner Countries
Elon Musk Founds a Party Following a Poll on X: "You Wanted It – You Got It!"
AI Raises Alarms Over Long-Term Job Security
Russia Formally Recognizes Taliban Government in Afghanistan
Saudi Arabia Maintains Ties with Iran Despite Israel Conflict
Mediators Edge Closer to Israel-Hamas Ceasefire Agreement
Germany Seeks Taliban Deal to Deport Afghan Migrants
Emirates Airline Expands Market Share with New $20 Million Campaign
Robots Compete in Football Tournament in China Amid Injuries
China Unveils Miniature Insect-Like Surveillance Drone
Marc Marquez Claims Victory at Dutch Grand Prix Amidst Family Misfortune
Iran Executes Alleged Israeli Spies and Arrests Hundreds Amid Post-War Crackdown
Trump Asserts Readiness for Further Strikes on Iran Amid Nuclear Tensions
Qatar Airways Clears Backlog of Passengers Following Missile Threats
Iran's Parliament Votes to Suspend Cooperation with Nuclear Watchdog
Trump Announces Upcoming US-Iran Meeting Amid Controversial Airstrikes
Trump Moves to Reshape Middle East Following Israel-Iran Conflict
NATO Leaders Endorse Plan for Increased Defence Spending
U.S. Crude Oil Prices Drop Below $65 Amid Market Volatility
“You Have 12 Hours to Flee”: Israeli Threat Campaign Targets Surviving Iranian Officials
Oman Set to Introduce Personal Income Tax, First in Gulf
Germany and Italy Under Pressure to Repatriate $245bn of Gold from US Vaults
Trump Praises Iran’s ‘Very Weak’ Response After U.S. Strikes and Presses Israel to Pursue Peace
WATCH: Israeli forces show the aftermath of a massive airstrike at Iran's Isfahan nuclear site
We have new information and breaking details to share about what is shaping up to be a historic air campaign tonight
Six Massive Bombs Dropped on Fordow; Trump: 'A Historic Moment for the U.S., Israel, and the World'
×