VPNs That Are Known to Have Been Hacked

It’s not unusual for larger businesses to occasionally come under threat from online criminals and VPNs are no different. Despite their best attempts at protecting our online security, even VPN clients aren’t entirely safe from attack. In fact, you may be surprised to learn that many of the largest VPN providers have been compromised at some point. 

This doesn’t mean that VPNs are no longer safe and you should stop using them. It simply means that no company is ever completely safe from online criminals. Thankfully, VPN providers have strict security measures in place to encrypt their users’ data and ensure that any data breaches are quickly resolved and any affected parties are alerted as quickly as possible – especially if they operate with a no-logging policy. 

To give you an idea of how common data breaches can be and the methods VPNs use to deal with attempts at accessing their servers, here’s a list of VPNs that are known to have been hacked.

NordVPN 

One of the largest VPN providers was hacked back in November 2019, after the company admitted it had been breached following numerous reports online from concerned users. These reports included details that NordVPN had an expired internal private key exposed, potentially allowing anyone to create their own servers that were imitating Nord’s private servers. 

What’s surprising is this case dates all the way back to March 2018, in which a NordVPN employee told a staff member at TechCrunch that one of its data centers was accessed without authorization. Thankfully, as NordVPN operates with a no-logging policy for its users, they don’t track, collect, or share their information. This means that if the breach had been more serious, there wouldn’t have been much-identifying information for hackers to access. NordVPN hasn’t been able to confirm how many users were affected as a result of this single data breach but suggested that figures may have been between 50-200 users. Despite the low impact of this breach, it’s one of the most controversial hacking attempts on a VPN provider, primarily due to the size of the company and the reputational damage it caused NordVPN.

Sangfor SSL 

Sangfor SSL provides remote user access for enterprises through their VPN servers. In March 2020, Sangfor was the victim of a hacking attempt by the DarkHotel hacking group, which compromised over 200 VPN servers. As VPN servers are used to help keep remote workers secure, there’s been a significant increase in the number of hacking reports against them. Sangfor, in particular, was targeted as part of the hacking group’s attempts to infiltrate a number of Chinese institutions and government agencies. 

The hackers worked by infiltrating Sangfor’s servers and then installing malicious software onto the victims’ machines to collect their data. 

Fortigate & Pulse Secure 

In August 2019, researchers discovered that hackers were actively unleashing attacks in an attempt to steal encryption keys, passwords, and other sensitive data from servers that have failed to apply critical fixes for two widely used VPNs: Fortigate and Pulse Secure. 

Researchers from Devcore found vulnerabilities that could be exploited by sending unpatched server web requests containing a special sequence of characters. These vulnerabilities in both Fortigate and Pulse Secure made it possible for hackers to remotely execute malicious code and change important passwords, which rendered the providers useless. Additional internet scans performed by a security group revealed vulnerable servers in 121 countries. These scans also found IP addresses belonging to a variety of sensitive organizations such as major financial institutions and the US military. 

Should I Stop Using a VPN That’s Hacked? 

We’d never write off a VPN that’s been hacked unless that the hacking was caused by the VPN provider’s ineptitude when it comes to safety and security. The attack on NordVPN, for example, demonstrated that there were security breaches in its system but these were immediately addressed by the provider and a further examination found that an extremely minimal number of people had been affected. This doesn’t excuse the hacking – but it’s reassuring to know that they were able to work and immediately address the issues that were highlighted. 

Regardless, if you ever find out your VPN provider has been the victim of a hacking attempt, it’s important to review all of your security credentials and change them to be safe. If you’re interested in learning more about the best VPNs for security, click here to head over to our reviews page.

Adam Dagan
Share

Related Stories