"The hacker, using the name of 1011, claimed to have brute-forced a misconfigured NordVPN development server and included sample SQL dumps alongside screenshots to prove it on January 4. Which sounded like a done deal, and was reported as such. NordVPN, however, was quick to investigate and posted a security update within 24 hours. ... And this is where the plot thickens more than my mum's gravy: the data itself doesn't even come from NordVPN's development environment, or any other that the hacker claimed."
"It appears that the servers brute-forced by the threat actor belonged to a third-party platform that was being assessed during a trial account period. That trail never came to anything, a different vendor was chosen, and the development environment was never connected to NordVPN production systems."
A hacker identifying as 1011 claimed to have brute-forced a misconfigured NordVPN development server and published sample SQL dumps and screenshots on January 4. NordVPN investigated promptly and issued a security update within 24 hours. Forensic findings show the data did not originate from any NordVPN systems. The servers targeted belonged to a third-party platform evaluated during a trial account, the trial ended without adoption, a different vendor was chosen, and that environment was never connected to NordVPN production systems. Prior false breach claims emphasize the need to verify threat actor claims before repeating them.
Read at DataBreaches.Net
Unable to calculate read time
Collection
[
|
...
]