Trusted Reviews may earn an affiliate commission when you purchase through links on our site. Learn More

NordVPN admits an “attacker gained access” to its server

VPN provider, NordVPN, has admitted that a hacker gained access to its server back in March. 

NordVPN provide a private network for users and many sign up for the service with security in mind. Its admission to a server breach is all the more surprising as a result.

There had been previous suspicions that the platform had been hacked in some way, however this admission will, no doubt, dent NordVPN’s reputation for security. The company has blamed a third party data centre, from whom the company rented servers.

Related: Best VPN

In a statement on its website, NordVPN wrote: “A few months ago we became aware that, on March 2018, one of the datacentres in Finland we had been renting our servers from was accessed with no authorisation. The attacker gained access to the server by exploiting an insecure remote management system left by the data centre provider. We were unaware that such a system existed.”

The statement also describes the Finnish host company as having “not disclosed” this weakness in its security. The contract with the Finnish firm has been terminated as a result of the breach.

The VPN provider has said the server in question was one of around 3000 in use by the company and that the hacking of one could not see the attacker access the others. This puts the problem into perspective so, thankfully, NordVPN customers are very unlikely to be affected.

Notably, the server that was hacked, according to the statement, did not contain any “user activity logs”. NordVPN says that, as a result, no username and password information could have been taken by the attacker.

NordVPN is seemingly doing its best to restore a reputation for data privacy and security.

The company statement added: “We have undergone an application security audit, are working on a second no-logs audit right now, and are preparing a bug bounty programme. We will give our all to maximise the security of every aspect of our service, and next year we will launch an independent external audit of all of our infrastructure to make sure we did not miss anything.

“With this incident, we learned important lessons about security, communication, and marketing.”

Related: Best VPN for security and privacy

We continually check thousands of prices to show you the best deals. If you buy a product through our site we will earn a small commission from the retailer – a sort of automated referral fee – but our reviewers are always kept separate from this process. You can read more about how we make money in our Ethics Policy.

Top Paid VPN's

ExpressVPN

No.1 trusted VPN on the market, with unrestricted access to Netflix, HBO and iPlayer. Get 49% off on their one year subscription and receive a further three months completely free.

NordVPN

Save 70% off your total bill with the NordVPN 3-year subscription. You'll have one payment of £96.74 over the 3 year period making it just £2.68 per month.

ProtonVPN

Proton VPN is one of the newer VPNs on the market. It has a strong focus on privacy and has a verified no logging claim. Sign up for as little as £3.49 a month and save up to 20% on your yearly bill.

Powered by Trusted Reviews

The marketing addition might seem a little odd there. That is seemingly tagged on the statement because someone from the NordVPN marketing department posted an unfortunately timed social media post about Nord VPN being the perfect protection from hackers:

Unlike other sites, we thoroughly review everything we recommend, using industry standard tests to evaluate products. We’ll always tell you what we find. We may get a commission if you buy via our price links. Tell us what you think – email the Editor

NAV BUG FIX