Yesterday on January 4, a breach forum post alleged that a threat actor had accessed a “NordVPN Salesforce development server” which meant user data was allegedly hacked into. NordVPN has now issued a statement clarifying the situation as the firm has said that it concluded an "immediate forensic review" of such claims.
According to NordVPN, the company’s security team confirmed that no NordVPN servers or internal production infrastructure were compromised. “At this stage, there are no signs that NordVPN systems have been breached,” the team said in a new support article regarding the matter, noting that the data in question does not originate from NordVPN’s Salesforce environment or any other internal service.
Instead, the report adds that investigators traced the leaked configuration files to a third-party platform. NordVPN says that about half a year ago, the VPN service provider had briefly evaluated a vendor for automated testing during a Proof of Concept (PoC) phase. A temporary test environment for that purpose was created though it was never connected to production systems. The company had ultimately chosen a different vendor and did not proceed with the one under evaluation.
Regardless, NordVPN has emphasized that no sensitive data was ever involved. Because the PoC was preliminary, no customer information, production source code, or active credentials were uploaded. The leaked elements, like API tables and database schemas, were identified as artifacts of the isolated test environment and thus were filled only with dummy data for functionality checks.
Hence, NordVPN has assured that the allegations of internal Salesforce development servers being breached are therefore false. It writes: "The claims that our internal Salesforce development servers were breached are false. ... NordVPN systems remain fully secure. Your data is safe, and no action is required on your part."
While the leaked files point only to the abandoned test setup, NordVPN says that it has contacted the vendor in question for additional information to ensure full transparency.
0 Comments
Load the comments and join the conversation!
Read the comments, ask the editors questions, show respect and join the conversation.