'NordVPN, a virtual private network provider that promises to "protect your privacy online," has confirmed it was hacked. From a report: The admission comes following rumors that the company had been breached. It first emerged that NordVPN had an expired internal private keys exposed, potentially allowing anyone to spin out their own servers imitating NordVPN. For its part, NordVPN has claimed a "zero logs" policy. "We don't track, collect, or share your private data," the company says. But the breach is likely to cause alarm that hackers may have been in a position to access some user data. NordVPN told TechCrunch that one of its datacenters was accessed in March 2018. "One of the datacenters in Finland we are renting our servers from was accessed with no authorization," said NordVPN spokesperson Laura Tyrell. The attacker gained access to the server -- which had been active for about a month -- by exploiting an insecure remote management system left by the datacenter provider, which NordVPN said it was unaware that such a system existed.' -- source: https://it.slashdot.org/story/19/10/21/1447208 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/