Security Operations, Data Security

NordVPN denies breach claims after hacker posts alleged data

(Adobe Stock)

According to a report by HackRead, a hacker known as 1011 has claimed to have breached a NordVPN development server, posting what they allege are database dumps and configuration samples on BreachForums. The hacker titled the post “nordvpn.com SalesForce - leaked, Download!” and asserted that access was gained by brute-forcing a misconfigured system.

The alleged leak included Salesforce API keys, Jira tokens, and source code from over 10 databases. A screenshot displayed data structures but lacked clear links to NordVPN's production systems. NordVPN responded, stating their internal systems were not compromised. They explained the files originated from a test environment used six months prior to evaluate a third-party platform. This trial was brief, no contract was signed, and no production systems were connected. NordVPN clarified that no sensitive customer data, real API keys, or internal source code were shared with the vendor.

NordVPN maintains the leaked data was from an isolated sandbox environment containing dummy content, not linked to any live service. The company is investigating further with the vendor involved.

Source: HackRead

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds