NordVPN denied allegations that its inner Salesforce growth servers had been breached, saying that cybercriminals obtained “dummy information” from a trial account on a third-party automated testing platform.
The corporate’s assertion comes after a menace actor (utilizing the 1011 deal with) claimed on a hacking discussion board over the weekend that they stole greater than 10 databases containing delicate data like Salesforce API keys and Jira tokens, following a brute-force assault towards a NordVPN growth server.
“Right this moment i’m leaking +10 DB’s supply codes from a nordvpn growth server. This data was acquired by bruteforcing a misconfigured server of Nordypn, which has salesforce and jira data saved. Compromissed data: SalesForce api keys, jira tokens and extra,” the menace actor stated.
Nonetheless, as NordVPN revealed right this moment, that is truly take a look at information stolen from a short lived take a look at setting deployed months earlier throughout trial testing a possible vendor for automated testing.
The Lithuanian VPN service added that the take a look at setting had no reference to its personal infrastructure and that the stolen information does not embody delicate buyer or enterprise data.
”The leaked components, akin to the particular API tables and database schemas can solely be artifacts of an remoted third-party take a look at setting, containing solely dummy information used for performance checks. Whereas no information within the dump factors to NordVPN, we now have contacted the seller for extra data,” NordVPN defined.
“As a result of this was a preliminary take a look at and no contract was ever signed, no actual buyer information, manufacturing supply code, or energetic delicate credentials had been ever uploaded to this setting.
“We finally selected a unique vendor and didn’t proceed with the one we examined. The setting in query was by no means related to our manufacturing techniques.”
Whereas this was solely a false alarm, in 2019, hackers breached the servers of NordVPN and TorGuard, gaining full root entry and stealing personal keys used to safe their net servers and VPN configurations.
In response to the 2019 incident, NordVPN launched a bug bounty program and employed exterior cybersecurity specialists for a “full-scale” third-party security audit.
The corporate additionally introduced plans to modify to devoted servers that they personal solely and to improve their whole 5,100-server infrastructure to RAM servers.
As MCP (Mannequin Context Protocol) turns into the usual for connecting LLMs to instruments and information, security groups are transferring quick to maintain these new companies secure.
This free cheat sheet outlines 7 greatest practices you can begin utilizing right this moment.
