SkipToMainContent

Emerging Threats

A popular VPN service provider announces data breach - What you should know

NordVPN confirmed a data breach occurred in March 2018 at a datacenter where the company routed some of its customers’ internet traffic.

NordVPN provides virtual private networks, which encrypt and reroute its customers’ internet activity. VPNs are designed to help keep data you send and receive online private and secure.

Here are details about the NordVPN data breach you should know.

  • Where did the data breach happen? A Finnish datacenter from which NordVPN was renting servers was accessed without authorisation in early 2018.
  • When was the data breach announced? NordVPN acknowledged the breach on October 21, 2019.
  • How did the data breach occur? The cyberattacker gained access to the server by exploiting a vulnerable remote management system of the server provider.
  • Were user credentials accessed? No usernames or passwords were intercepted.
  • Were user activity logs accessed? The server did not contain user activity logs.

NordVPN published a blog post about the data breach. The company detailed steps it has taken since the breach, including terminating its contract with the server provider.

NordVPN said it’s unlikely any user data was compromised.

I use a VPN — should I be concerned about online privacy and security?

If you use a VPN or are considering getting one, you’re probably thinking about online privacy and security. A lot of companies offer a VPN service. That includes Norton LifeLock with Norton Secure VPN.

Here are some questions to consider when choosing a VPN provider.

  • Does the VPN provider respect your online privacy? VPN providers should have a no-log policy. That means they don’t track your online activity.
  • What protocol do they run? OpenVPN — an open-source software that supports all of the major operating systems — is considered strong security.
  • Where are servers located? You might want to access the web from a certain area. If so, make sure your VPN provider has a server in that area.
  • Are there data limits? Check to see if a potential VPN service provides unlimited bandwidth and no data limits.
  • What is the cost? Some VPN services are free, but they may support their business in other ways such as tracking and selling browsing history to third parties for marketing purposes. You might prefer a paid option.


In today’s connected world, you need more than just antivirus to protect your devices and online privacy . Find out how Norton 360 includes Device Security, A VPN, Password Manager and more, all in a single solution. 
 


 

Copyright © 2020 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.