NordVPN, a provider of virtual networks designed to keep user information safe from cyberattacks, has confirmed rumors of a cyberattack that occurred in March 2018.
Although the security breach occurred months ago, details are just coming to light indicating that hackers made off with valuable encryption keys used to secure the digital certificates that keep NordVPN secure. The cyberattack did not come to light until recently, but rival VPN services TorGuard and VikingVPN have also allegedly experienced similar cyberattacks resulting in similar losses. How long the hackers had access to private data or whether they used their access to commit other offenses is unclear.
As Dan Guido, CEO of security firm Trail of Bits, explains: “Compromised master secrets, like those stolen from NordVPN, can be used to decrypt the window between key renegotiations and impersonate their service to others... I don't care what was leaked as much as the access that would have been required to reach it. We don't know what happened, what further access was gained, or what abuse may have occurred. There are many possibilities once you have access to these types of master secrets and root server access..”