Credential Stuffing Attacked NordVPN Users
It is reported that at least ten lists are now available on the Internet that contained NordVPN user credentials. In addition, 2,000 accounts’ passwords have already been exposed. Whereas the number of customers affected is about 5,700, while duplicates and similar sets may be included in the count. The same was confirmed by “Have I Been Pwned,” where users can take NordVPN to see if they are among those affected. Most of the sites that have these lists have been deleted or removed, but there is a Github, and almost definitely the darknet is still distributing them on several networks. VPN
All of these lists are not the result of a violation of any of the NordVPN networks. It was most likely that the infected users have not been vigilant enough, or have not used a single and secure password and have not updated their passwords lately. Yet NordVPN may help to build a safer environment, encouraging its users to periodically change their passwords, use a password manager and detect phishing sites or other such efforts. Also, the Internet company has recently unveiled a new strategy to protect the site.
One thing NordVPN could continue to do now is to proactively browse the worlds of the dark Web, look for passwords and notify its customers about the information related to their data. Other companies can assist with the problem as a whole, as a new list can be identified by sending it to another organization in time, etc. This includes working hours, but big, successful companies like NordVPN should dedicate themselves to the health of their customers. Although many people just want to use VPNs to unblock websites, most poeple sitll had huge need for protecting their privacy data with VPNs.
Just a few days ago, a server in a network of data centers that operated with NorthVPN was impacted by hacking behaviors. The organization discovered this a few months ago and the incident is still being investigated, but it was revealed by an anonymous hacker. The reciprocation of Publicity was significantly detrimental, which shook the trust of its clients. While the new news is not related to this case, the negative publicity in history is definitely giving NordVPN a headache. Nevertheless, it appears to be one of the most trusted and successful firms on the VPN market.
“Our security team proactively checks these lists of credentials on both public and the secret websites, and we advise our customers to change their passwords,” said the NordVPN. In the past year, NordVPN has contacted over 50 thousand consumers and informed them to update their passwords, but only around 50 percent actually did that.
In this attack, 2,000 accounts were matched, this is a concern, although NordVPN has a total of 12M customers. NordVPN has always focused on preventive approaches, such as rates-limiting, intelligent detection systems and in addition, 2FA. NordVPN also encourages its consumers to keep special and secure passwords across the social media channels, forums and consumer newsletters.