In their blog post, they addressed that their services were compromised due to a breach in one of their servers in Finland.
They found out about the breach a few months ago but decided to announce it only after their whole network was safe.
Technically, as a result of the hack, their servers were being accessed without any authorizations.
To explain the problem, they mentioned that the attacker gained access to the server by exploiting an insecure remote management system by the data center provider.
In addition, NordVPN claims that it was not aware of the fact that a system like that existed in the data center.
Even though there is no way we could verify the information, the official sources might be telling the truth.
They also claim that the server did not have any activity information nor any user credentials to pose a threat. However, a personalized man-in-the-middle attack by intercepting a single NordVPN connection was potentially possible – but highly unlikely.
In case you’re wondering, NordVPN believes that is completely safe now and none of the datacenters (other than Finland’s) were affected in the breach.
What are your thoughts on NordVPN’s breach? Let us know in the comments below.