NordVPN Encryption Keys Compromised

Hi Ozbargain,

Just a heads up, since NordVPN deals seem pretty popular here, news have been floating around that their private keys were compromised.

NordVPN confirms it was hacked

https://twitter.com/kennwhite/status/1186075645962526720

Hopefully that's just a once off, and not a sign of worse to come.

Related Stores

NordVPN
NordVPN

Comments

  • +2

    No big deal IMO.
    No customer info was leaked, flaw has been patched.

    • Yes, agree with you. It is quite funny as Techcrunch is owned by other vpn provider called Verizon and their article does not give any facts though. The real problems in vpn industry is verizon’s vpn which does not provide any privacy policy more about it here https://www.techdirt.com/articles/20180807/08182440385/veriz…

    • Yeah, only customer data was possibly leaked over compromised SSL tunnels.

  • So what happens to all that historical metadata that was vacummed up?

    Are they sure that can't be used to decrypt that information…

  • +2

    The fact stand that this news only came to be published and acknowledged was due to this public airing of a breach which happened months ago.

    It all comes down to trust and Virtual PRIVATE Networks are suppose to do just that. Why didn't they acknowledge the breach and alert their users? They took the sweep it under the rug approach and were not transparent with the end user.

    While I agree that no username/passwords were breached it doesn't change the fact the company chose to sit and stay silent on this breach (no matter if this was low to medium) level breach.

    Well at least now you know why they were spending millions on ads and cheap VPN plans as they knew this information would come out.

    All companies will at some point suffer a breach, but it is how the company responds and takes responsibility for these breaches, does this then instil some public trust and confidence that further breaches won't happen. Wishing that the news of the breach does reach its users is nothing like what is quoted directly from their webpage.

    When a company says the following -

    The NordVPN name was inspired by Nordic ideals of confidence, trust, and innovation. It reflects how we value our customer freedom of choice, how we strive to be innovative with our technology and the way we work.

    In the spirit of transparency, we’ll do everything we can to keep you updated about all aspects of our service, from server status upgrades to occasional glitches. We aim to create a lasting relationship of mutual trust with you, the customers who share our deeply held values.

    No different from banks withholding information then saying 'yep we were breached, here is free credit monitoring'.

Login or Join to leave a comment