NordVPN Denies Data Breach Claims Amid Cybercriminal Allegations of Database Theft
NordVPN has denied claims of a data breach after a cybercriminal alleged the theft of over 10 databases, including Salesforce API keys and Jira tokens, through a brute force attack. The company asserted that the data was fabricated for testing purposes and confirmed that the March 2018 incident was linked to misconfigured remote management tools, with no user logs or VPN traffic compromised. This follows previous breaches involving NordVPN and raises concerns about potential phishing risks despite direct VPN credentials remaining secure.

A cybercriminal, using the username 1011, claimed to have stolen over 10 databases via a brute force attack on NordVPN's development server. The alleged data included Salesforce API keys and Jira tokens.
NordVPN stated that the data was fictitious, created six months prior for platform testing. The company said that the attack in March 2018 was due to misconfigured remote management tools at a Finnish datacenter, and emphasized that no user activity logs or VPN traffic were compromised.
This incident follows previous breaches involving NordVPN and TorGuard, where private keys and sensitive configuration files were stolen. Additionally, Salesforce faced a critical vulnerability in October that exposed customer data and led to threats from hackers demanding ransom. Exposed Jira tokens carry their own risk, potentially allowing access to internal documentation. While direct VPN credentials were not compromised, corporate system access could enable targeted phishing campaigns, jeopardizing user privacy.



