NordVPN, one of the most popular and widely used VPN services out there, yesterday disclosed details of a security incident that apparently compromised one of its thousands of servers based in Finland.
Earlier this week, a security researcher on Twitter disclosed that “NordVPN was compromised at some point,” alleging that unknown attackers stole private encryption keys used to protect VPN users traffic routed through the compromised server.
In response to this, NordVPN published a blog post detailing about the security incident, and here we have summarized the whole incident for our readers to let you quickly understand what exactly happened, what’s at stake, and what you should do next.
Some of the information mentioned below also contains information The Hacker News obtained via an email interview with NordVPN.
What has been compromised? — NordVPN has thousands of servers across the world hosted with third-party data centers. One such server hosted with a Finland-based datacenter was unauthorizedly accessed on March 2018.
How did it happen? — The company revealed that an unknown attacker gained access to that server by exploiting “an insecure remote management system left…