NordVPN: Difference between revisions
m →See also: added more links to 'see also' |
Clean-up; pass on style; removed stub tag. |
||
| Line 1: | Line 1: | ||
{{CompanyCargo | {{CompanyCargo | ||
|Description=Lithuanian virtual private network provider. | |Description=Lithuanian virtual private network provider. | ||
| Line 10: | Line 9: | ||
}} | }} | ||
''' | '''NordVPN''' is a {{Wplink|virtual private network}} (VPN) service provider owned by Nord Security. NordVPN heavily advertises their products on popular [[YouTube]] channels. It operates worldwide, with offices in the United Kingdom, the Netherlands, Poland, Germany, the United States, Lithuania, Switzerland, and Panama. | ||
==Consumer | ==Consumer impact summary== | ||
===User freedom=== | |||
{{Incomplete section}} | |||
===User privacy=== | |||
Due to current laws, United States intelligence agencies are prohibited from spying on American citizens' communications, including internet traffic (with some expanding exceptions).<ref>{{Cite web |author= |title=Electronic Communications Privacy Act of 1986 (ECPA) |url=https://bja.ojp.gov/program/it/privacy-civil-liberties/authorities/statutes/1285 |website=Office of Justice Programs |date= |access-date=28 Jun 2026 |url-status=live |archive-url=http://web.archive.org/web/20260124102522/https://bja.ojp.gov/program/it/privacy-civil-liberties/authorities/statutes/1285 |archive-date=24 Jan 2026}}</ref> However, internet traffic that exits the country is legally subject to interception and decryption. This includes VPN providers that route traffic outside the United States. As a result, using a VPN may inadvertently expose users to surveillance by U.S. intelligence agencies. No international VPN providers disclose this risk to their customers. It is entirely legal for U.S. intelligence agencies to break encryption, perform {{Wplink|man-in-the-middle attack}}s, or employ other methods to weaken encryption on data crossing international borders. | |||
== | If data passes international borders it is subject to "bulk collection" by the Intelligence Community because of Executive Order 12333.<ref>{{Cite web |last=Goitein |first=Elizabeth |title=How the CIA Is Acting Outside the Law to Spy on Americans |url=https://www.brennancenter.org/our-work/analysis-opinion/how-cia-acting-outside-law-spy-americans |website=Brennan Center |date=15 Feb 2022 |access-date=26 Mar 2025 |url-status=live |archive-url=http://web.archive.org/web/20251210020204/https://www.brennancenter.org/our-work/analysis-opinion/how-cia-acting-outside-law-spy-americans |archive-date=10 Dec 2025}}</ref> | ||
=== | ===Business model=== | ||
The company sells subscription services that mainly include its VPN product, but higher tiers can also have add-ons such as the identity protection service ''NordProtect'', the cloud storage service ''NordLocker'' and the password manager ''NordPass'', as well as others. | |||
===Market control=== | |||
{{Incomplete section}} | |||
== | ==Incidents== | ||
===Data center breach (''2018'')=== | |||
In March 2018 one of NordVPN's third party servers located in Finland was breached. According to official accounts, the attacker gained access to the server thanks to poor management on the data center's part, which shortly after patched the issue but failed to make NordVPN aware of the breach until 13 April 2018.<ref name=":0">{{Cite web |author= |title=Why the NordVPN network is safe after a third-party provider breach |url=https://nordvpn.com/blog/official-response-datacenter-breach/ |website=NordVPN |date=21 Oct 2019 |access-date=22 Feb 2026 |url-status=live |archive-url=https://megalodon.jp/2026-0408-0206-55/https://nordvpn.com:443/blog/official-response-datacenter-breach/ |archive-date=7 Apr 2026}}</ref> | |||
No sensitive user data was stolen, but the attacker did get access to {{Wplink|Transport Layer Security|TLS keys}} which ''"under extraordinary circumstances, could be used to attack a single user on the web using a specifically targeted and highly sophisticated MITM attack"''.<ref name=":0" /> Said TLS keys were made public by the attacker on the website 8chan together with information relating to breaches of other VPN providers such as TorGuard and VikingVPN.<ref>{{Cite web |last=Lekander |first=Alex |title=NordVPN Hack – Everything You Need to Know |url=https://cyberinsider.com/nordvpn-hack/ |website=Cyber Insider |date=23 Oct 2019 |access-date=22 Feb 2026 |url-status=live |archive-url=http://web.archive.org/web/20260131112151/https://cyberinsider.com/nordvpn-hack/ |archive-date=31 Jan 2026}}</ref> | |||
NordVPN released an official statement more than a year later, only after a researcher on [[X]] revealed that NordVPN ''"was compromised at some point"''.<ref>{{Cite web |author=undefined |title=undefined on X |url=https://x.com/hexdefined/status/1185864801261477891 |website=[[X]] |date=20 Oct 2019 |access-date=28 Jun 2026 |url-status=live |archive-url=https://web.archive.org/web/20260407180621/https://nitter.catsarch.com/hexdefined/status/1185864801261477891 |archive-date=7 Apr 2026}}</ref> This was followed by significant turmoil within the community, as individuals remained uninformed for all of this time. According to NordVPN, the delay was justified by an internal audit they were executing of all of their servers which they wanted to complete before notifying the public, making sure that the attack could not be replicated.<ref name=":0" /> | |||
NordVPN has since taken down the affected server and terminated the contract with the data center. A security plan was later announced as well.<ref>{{Cite web |last=Markuson |first=Daniel |title=How NordVPN will become more secure than ever |url=https://nordvpn.com/blog/security-plan/ |website=NordVPN |date=26 Oct 2019 |access-date=28 Jun 2026 |url-status=live |archive-url=https://megalodon.jp/2026-0408-0209-06/https://nordvpn.com:443/blog/security-plan/ |archive-date=7 Apr 2026}}</ref> | |||
===Lawsuit over subscription renewal practices (''2024'')=== | |||
A class action lawsuit was filed on 19 November 2024, accusing NordVPN and its developer, Nord Security, of using deceptive and illegal subscription renewal practices that violated the Colorado Consumer Protection Act.<ref>{{Cite web |last=Rizzi |first=Corrado |title=NordVPN Lawsuit Filed Over Allegedly Illegal Automatic Subscription Renewal Practices |url=https://www.classaction.org/news/nordvpn-lawsuit-filed-over-allegedly-illegal-automatic-subscription-renewal-practices |website=ClassAction |date=20 Nov 2024 |access-date=24 May 2025 |url-status=live |archive-url=http://web.archive.org/web/20250720090038/https://www.classaction.org/news/nordvpn-lawsuit-filed-over-allegedly-illegal-automatic-subscription-renewal-practices |archive-date=20 Jul 2025}}</ref> | |||
Its current status is considered active as of 28 June 2026, according to information for ''Peterson v. Nordvpn S.A. et al'' (1:24-cv-03218) on PacerMonitor. The most recent order was on 28 April 2026, granting an unopposed motion to stay proceedings pending a settlement (deadline 27 July 2026).<ref>{{Cite web |last=Sweeney |first=Charlotte N. |title=Peterson v. Nordvpn S.A. et al (1:24-cv-03218), Colorado District Court |url=https://www.pacermonitor.com/public/case/55890999/Peterson_v_Nordvpn_SA_et_al |website=PacerMonitor |date=28 Apr 2026 |access-date=28 Jun 2026 |url-status=live |archive-url=https://web.archive.org/web/20260629042442/https://www.pacermonitor.com/public/case/55890999/Peterson_v_Nordvpn_SA_et_al |archive-date=29 Jun 2026}}</ref> | |||
=== | ===Tracking inside app (''2025'')=== | ||
An analysis by German privacy blogger and activist Mike Kuketz found third-party tracking services embedded into the apps of five different VPN services, including three in NordVPN's app (AppsFlyer, Google Crashlytics, and Google Firebase Analytics).<ref>{{Cite web |last=Kuketz |first=Mike |title=VPN-Apps: Wenn »Sicherheits-Apps« selbst zum Risiko werden |trans-title=VPN-Apps: When "Security-Apps" themselves become a risk |url=https://www.kuketz-blog.de/vpn-apps-wenn-sicherheits-apps-selbst-zum-risiko-werden/ |website=Kuketz IT-Security |date=29 Sep 2025 |access-date=27 Oct 2025 |url-status=live |archive-url=https://megalodon.jp/2026-0408-0210-36/https://www.kuketz-blog.de:443/vpn-apps-wenn-sicherheits-apps-selbst-zum-risiko-werden/ |archive-date=7 Apr 2026 |lang=de}}</ref> | |||
When confronted, NordVPN denied the allegations, answering with statements about the website instead of the smartphone app. Kuketz then conducted his own in-depth analysis of the app's traffic (his initial analysis was based on data from the [https://exodus-privacy.eu.org/en/ Exodus Privacy Project]), revealing that at least two of the trackers were indeed present. | |||
Faced with the results, the company spoke of a ''"misunderstanding"'', which Kuketz described as ''"not very convincing"''. | |||
NordVPN | He further noted that NordVPN's PR manager was using a NordVPN e-mail address which was hosted by Google, meaning any e-mail communication with the company over the same channels would be fully exposed to the advertising giant's data collection.<ref>{{Cite web |last=Kuketz |first=Mike |title=NordVPN bestreitet den Einsatz von Trackern – Doch ein App-Mitschnitt zeigt ein anderes Bild |trans-title=NordVPN denies use of trackers – but an analysis of the app's traffic paints a different picture |url=https://www.kuketz-blog.de/nordvpn-bestreitet-den-einsatz-von-trackern-doch-ein-app-mitschnitt-zeigt-ein-anderes-bild/ |website=Kuketz IT-Security |date=20 Oct 2025 |access-date=27 Oct 2025 |url-status=live |archive-url=https://megalodon.jp/2026-0408-0210-39/https://www.kuketz-blog.de:443/nordvpn-bestreitet-den-einsatz-von-trackern-doch-ein-app-mitschnitt-zeigt-ein-anderes-bild/ |archive-date=7 Apr 2026}}</ref> | ||
==Products== | ==Products== | ||
*NordVPN | *NordVPN | ||
*NordPass | *NordPass | ||
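Review bot: the X citation in the "Data center breach" paragraph is filled with template placeholders, `author=undefined` and `title=undefined on X`, so the rendered reference reads "undefined (20 Oct 2019). "undefined on X"". Replace both with the account handle visible in the cited URL (`hexdefined`) and a descriptive title. The same citation sets `url-status=live` while its `archive-url` points at a nitter mirror rather than at a capture of the x.com URL, which is worth confirming before this revision stands.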
| Line 56: | Line 57: | ||
*NordProtect | *NordProtect | ||
*Saily | *Saily | ||
==See also== | ==See also== | ||
| Line 79: | Line 66: | ||
==References== | ==References== | ||
{{Reflist}} | |||
[[Category: | |||
[[Category:{{PAGENAME}}]] | |||
[[Category:Cybersecurity companies]] | [[Category:Cybersecurity companies]] | ||
Latest revision as of 05:00, 29 June 2026
| Basic information | |
|---|---|
| Founded | 2012 |
| Legal Structure | Private |
| Industry | Cybersecurity, Virtual Private Networks |
| Also known as | |
| Official website | https://nordvpn.com |
NordVPN is a virtual private network (VPN) service provider owned by Nord Security. NordVPN heavily advertises their products on popular YouTube channels. It operates worldwide, with offices in the United Kingdom, the Netherlands, Poland, Germany, the United States, Lithuania, Switzerland, and Panama.
Consumer impact summary
User freedom
This section is incomplete.
User privacy
Due to current laws, United States intelligence agencies are prohibited from spying on American citizens' communications, including internet traffic (with some expanding exceptions).[1] However, internet traffic that exits the country is legally subject to interception and decryption. This includes VPN providers that route traffic outside the United States. As a result, using a VPN may inadvertently expose users to surveillance by U.S. intelligence agencies. No international VPN providers disclose this risk to their customers. It is entirely legal for U.S. intelligence agencies to break encryption, perform man-in-the-middle attacks, or employ other methods to weaken encryption on data crossing international borders.
If data passes international borders it is subject to "bulk collection" by the Intelligence Community because of Executive Order 12333.[2]
Business model
The company sells subscription services that mainly include its VPN product, but higher tiers can also have add-ons such as the identity protection service NordProtect, the cloud storage service NordLocker and the password manager NordPass, as well as others.
Market control
This section is incomplete.
Incidents
Data center breach (2018)
In March 2018, one of NordVPN's third-party servers located in Finland was breached. According to official accounts, the attacker gained access to the server thanks to poor management on the data center's part. The data center patched the issue shortly afterwards but failed to make NordVPN aware of the breach until 13 April 2018.[3]
No sensitive user data was stolen, but the attacker did get access to TLS keys which "under extraordinary circumstances, could be used to attack a single user on the web using a specifically targeted and highly sophisticated MITM attack".[3] Said TLS keys were made public by the attacker on the website 8chan together with information relating to breaches of other VPN providers such as TorGuard and VikingVPN.[4]
NordVPN released an official statement more than a year later, only after a researcher on X revealed that NordVPN "was compromised at some point".[5] This was followed by significant turmoil within the community, as individuals had remained uninformed for all of this time. According to NordVPN, the delay was justified by an internal audit of all of its servers, which it wanted to complete before notifying the public in order to make sure that the attack could not be replicated.[3]
NordVPN has since taken down the affected server and terminated the contract with the data center. A security plan was later announced as well.[6]
Lawsuit over subscription renewal practices (2024)
A class action lawsuit was filed on 19 November 2024, accusing NordVPN and its developer, Nord Security, of using deceptive and illegal subscription renewal practices that violated the Colorado Consumer Protection Act.[7]
Its current status is considered active as of 28 June 2026, according to information for Peterson v. Nordvpn S.A. et al (1:24-cv-03218) on PacerMonitor. The most recent order was on 28 April 2026, granting an unopposed motion to stay proceedings pending a settlement (deadline 27 July 2026).[8]
Tracking inside app (2025)
An analysis by German privacy blogger and activist Mike Kuketz found third-party tracking services embedded into the apps of five different VPN services, including three in NordVPN's app (AppsFlyer, Google Crashlytics, and Google Firebase Analytics).[9]
When confronted, NordVPN denied the allegations, answering with statements about the website instead of the smartphone app. Kuketz then conducted his own in-depth analysis of the app's traffic (his initial analysis was based on data from the Exodus Privacy Project), revealing that at least two of the trackers were indeed present.
Faced with the results, the company spoke of a "misunderstanding", which Kuketz described as "not very convincing".
He further noted that NordVPN's PR manager was using a NordVPN e-mail address which was hosted by Google, meaning any e-mail communication with the company over the same channels would be fully exposed to the advertising giant's data collection.[10]
Products
- NordVPN
- NordPass
- NordLocker
- NordProtect
- Saily
See also
References
1. "Electronic Communications Privacy Act of 1986 (ECPA)". Office of Justice Programs. Archived from the original on 24 Jan 2026. Retrieved 28 Jun 2026.
2. Goitein, Elizabeth (15 Feb 2022). "How the CIA Is Acting Outside the Law to Spy on Americans". Brennan Center. Archived from the original on 10 Dec 2025. Retrieved 26 Mar 2025.
3. "Why the NordVPN network is safe after a third-party provider breach". NordVPN. 21 Oct 2019. Archived from the original on 7 Apr 2026. Retrieved 22 Feb 2026.
4. Lekander, Alex (23 Oct 2019). "NordVPN Hack – Everything You Need to Know". Cyber Insider. Archived from the original on 31 Jan 2026. Retrieved 22 Feb 2026.
5. undefined (20 Oct 2019). "undefined on X". X. Archived from the original on 7 Apr 2026. Retrieved 28 Jun 2026.
6. Markuson, Daniel (26 Oct 2019). "How NordVPN will become more secure than ever". NordVPN. Archived from the original on 7 Apr 2026. Retrieved 28 Jun 2026.
7. Rizzi, Corrado (20 Nov 2024). "NordVPN Lawsuit Filed Over Allegedly Illegal Automatic Subscription Renewal Practices". ClassAction. Archived from the original on 20 Jul 2025. Retrieved 24 May 2025.
8. Sweeney, Charlotte N. (28 Apr 2026). "Peterson v. Nordvpn S.A. et al (1:24-cv-03218), Colorado District Court". PacerMonitor. Archived from the original on 29 Jun 2026. Retrieved 28 Jun 2026.
9. Kuketz, Mike (29 Sep 2025). "VPN-Apps: Wenn »Sicherheits-Apps« selbst zum Risiko werden" [VPN-Apps: When "Security-Apps" themselves become a risk]. Kuketz IT-Security (in German). Archived from the original on 7 Apr 2026. Retrieved 27 Oct 2025.
10. Kuketz, Mike (20 Oct 2025). "NordVPN bestreitet den Einsatz von Trackern – Doch ein App-Mitschnitt zeigt ein anderes Bild" [NordVPN denies use of trackers – but an analysis of the app's traffic paints a different picture]. Kuketz IT-Security. Archived from the original on 7 Apr 2026. Retrieved 27 Oct 2025.