← Return to Blog

October 25, 2019

The NordVPN Hack – 3 Ways VyprVPN Keeps Your Data Safe

NordVPN suffered a data security breach in March 2018, admitting the hack yesterday—and NordVPN isn’t alone. Its report comes in the wake of similar hacks on TorGuard and VikingVPN.

VPN users like you deserve privacy, internet freedom and the chance to protect yourself online. That’s why we’re paying close attention to the NordVPN breach to keep your data safe.

What To Know About The Breach

To those who haven’t heard the news, TechCrunch reported:

  1. NordVPN rented servers from a Finland data center.
  1. Hackers gained access to one rented Finnish server.
  1. Hackers stole an “expired” encryption key.
  1. The Finland data center patched the vulnerability.
  1. The Finland data center did not disclose the breach.
  1. NordVPN found out about the hack in March 2018 but did not disclose it to the public until now.

NordVPN insists it lost no customer usernames or passwords and emphasizes that the stolen encryption key was expired. But if the Finland data center hid the vulnerability, can NordVPN trust that the encryption key is indeed expired?

Your personal privacy online and your Internet freedom matter—and protecting these rights is our business. Here’s how VyprVPN makes sure your data stays secure.

1. Your Privacy, Protected

Keeping your data safe means choosing servers you trust when accessing the Internet on your VPN. Want to evade censorship in China? Choose a server pool in the US. Want to watch the Great British Bake Off in the UAE? Go with British servers.

Sounds simple enough—but there’s a risk: what if hackers control a server in a country’s server pool?

With a fake server, hackers don’t need a password or username to steal personal information. Accidentally use a hacker’s server, and they’ll see what you see.

Take a job application, for example. Should a user fill out a job application on a hacker’s server, hackers won’t need your username or password to know:

  • Your Name
  • Your SSN
  • Your Driver’s License

Worse, if your business uses this server, it could implicate not only you but your business and its users.

So how to increase Internet security when you can’t control which servers you might visit in a server pool?

If users know which country’s servers may be at risk, they can choose a different country’s server pool—and continue to enjoy the freedom of their VPN.

2. Your Safety, Our Infrastructure

You know the saying—“if you want something done right, do it yourself.” We know what we do right: privacy and Internet freedom. That’s why we own all of our infrastructure. So if we experience a breach, we know about it immediately, and you do, too. No deleted evidence, no patched vulnerabilities, and no reliance on a team we don’t 100% trust.

3. You’re First To Know

Protecting yourself from a breach is significantly harder if you don’t know a breach happened. That’s why, with VyprVPN, you’re the first to hear about any changes—especially risks to your personal privacy on the Internet.

You deserve to protect yourself online. We make it easier for you to stay safe by being as open as possible—because that’s how the Internet should be. For everyone.

 

Our Core Privacy Beliefs

Netizens of the world must arm themselves with the tools to protect their information and identities online. A global commitment to a free and open Internet will help us foster global prosperity and promote peace.

Ron Yokubaitis, Golden Frog’s Vision Paper – Peace, Prosperity and the Case for the Open Internet

1. We believe in an Open Internet and will not discriminate against devices, protocols, or applications.

2. We believe in privacy, not the false promise of anonymity.

3. We own and operate our own infrastructure so we can minimize reliance on 3rd parties and deliver on our promises to our users.

4. We believe in “Privacy by Design” so we can engineer privacy into our infrastructure.

5. We are transparent with our users and only log the minimal amount of data necessary to deliver great speeds, reliability and to prevent fraud and abuse.

6. We focus on the user experience to make it easy for our users to protect their privacy.

7. We will continue to innovate and develop new privacy tools.