NordVPN confirms it was hacked October 21, 2019 https://techcrunch.com/2019/10/21/nordvpn-confirms-it-was-hacked/
TorGuard, NordVPN Respond to Breach Reports October 21, 2019 https://www.securityweek.com/torguard-nordvpn-respond-breach-reports NordVPN: Why the NordVPN network is safe after a third-party provider breach TorGuard: Why TorGuard’s Network is Secure After an Isolated 2017 Server Breach
There's an informative HN discussion: https://news.ycombinator.com/item?id=21312609 From https://techcrunch.com/2019/10/21/nordvpn-confirms-it-was-hacked/ I'm not entirely surprised that a PR flack wasn't aware of remote maintenance stuff. But I am surprised that their engineers didn't get it locked down. I mean, I do -- and I'm just an amateur/hobbyist.
NordVPN Plans Security and Privacy Upgrades After Hack October 29, 2019 https://www.bleepingcomputer.com/ne...ans-security-and-privacy-upgrades-after-hack/
https://www.wilderssecurity.com/threads/nordvpn-app-sends-sensitive-data-to-various-trackers.412396/ https://www.wilderssecurity.com/thr...nd-secure-vpn-connection.419285/#post-2844102 https://www.wilderssecurity.com/thr...-between-nord-and-mulvad.411515/#post-2799913
NordVPN users’ passwords exposed in mass credential-stuffing attacks Many of the dumps have been pulled off public Web pages, but at least one remains November 1, 2019 https://arstechnica.com/information...-exposed-in-mass-credential-stuffing-attacks/
NordVPN Fixed Two Critical Flaws That Could Have Exposed Client Data March 7, 2020 https://www.technadu.com/nordvpn-fixed-two-critical-flaws-that-could-have-exposed-client-data/94727/
Damn, that is a crazy bug Yet another reason to sign up via Tor, use well-mixed Bitcoin, and throwaway email addresses.
One year after server hackers left NordVPN red-faced, firm's first colocated setup is online NordVPN has hit the go-live button for the first of its colocated server setups October 12, 2020 https://www.theregister.com/2020/10/12/roundup_week_oct9/