Rogue Security Labs has managed to uncover the email addresses and login passwords to approximately 370 paid/premium accounts allegedly attached to the NordVPN service. The hacked accounts were compiled from a string of 4 different leaks, from 3 different hackers across Syria, Japan, and Denmark over the course of October 26th to November 6th 2018. In addition to releasing customer login information, hackers also released a new ‘hack’ used to exploit different functions of PayPal through faked email addresses in order to trick companies like Nord into providing them with free VPN service. To uncover more about the incident, as well as how/where the hackers got the information the first place, Rogue Security Labs has attempted to make contact with each of the parties responsible for the leaks, but all parties have declined comment. Upon further investigation however, there appears to be no known ties behind each individual involved.
As of November 8th 2018, NordVPN has been notified of the leaks and in a statement to Rogue Security Labs made it clear that their company and service has “never been breached” and that “any accounts available online are not leaked from our servers, but matched from other databases available online.” Research into the breach is still ongoing. If you are worried that your account might have been compromised, you are advised to reach out to NordVPN customer support for more information. The problem can also be mitigated by simply changing the login password to your account itself as well. Additionally, if you use the same root password for your Nord account as you do your email or any other service, you are advised to change this as well.
** Due to the number of civilian customers/accounts involved, Rogue Security Labs has declined to share the original leaks with the general public. **