There is a collection circulating with 14,000 NordVPN account details. This includes emails and unencrypted passwords. Change your password now and if you use the same password anywhere else, change that too!
There are NordVPN accounts circulating with Emails/Passwords Stolen, Change Your Password!
Related Stores
Comments
If you sign up to haveibeenpwned.com and your email was in the list then you would have received an email. All 3 pastebins that I was notified about have now been removed but I saved one of them as proof. Here's a screenshot with the passwords blacked out.
https://i.ibb.co/NxyB5SF/noooord.jpg
You can check your email here, https://haveibeenpwned.com/
the pastebins are at the bottom if your email was in one.I have informed NordVPN and they have replied with….
"Thanks for your cooperation, we have forwarded it to our team.
Could you please send us a link where you have found these accounts?
Please note, any accounts available online are not leaked from our servers, but matched from other databases available online.
For example if someone found out your account credentials of other services elsewhere (emails, apps), and tried them with NordVPN, and found out they matched.
Yet, we have a team that's working towards it to help our customers, to prevent any further breaches.
Looking forward to your reply."
Oh wow! That’s pretty awful. Pesky hackers
So glad I didn't sign up to Nord
EDIT: Can't find any news of this, got sauce?
/edit
The f'king irony of a VPN provider, you know, focused on internet safety and security, getting hacked.
UNENCRYPTED PASSWORDS?! WTF? This shouldn't be possible in this day and age. They should only be keeping a HASH of people's passwords, a salted hash to be safe, in any case and your plaintext password SHOULD NEVER be even getting to their servers.
The whole point of storing only hashes is so that the site CAN'T leak the passwords, even if it wanted to. Someone or something massively fk'd up here for that to have happened.