"The leaked elements, such as the specific API tables and database schemas can only be artifacts of an isolated third-party test environment, containing only dummy data used for functionality checks. While no data in the dump points to NordVPN, we have contacted the vendor for additional information," NordVPN explained.
"Because this was a preliminary test and no contract was ever signed, no real customer data, production source code, or active sensitive credentials were ever uploaded to this environment.
“We ultimately chose a different vendor and did not proceed with the one we tested. The environment in question was never connected to our production systems.”
I’d love to see the look on 1011’s face having just learned this.
Why would *VPN even have ANY data worth taking through breaching?
They operate a business that charges for a service, and therefore have user accounts and payment data for those accounts.
There is at least one VPN provider (that I know of) that doesn’t record account and payment data. You can send the fee via regular post in a envelope tied to only a random numerical user ID
Mulvad. That’s how I do it.
Because your previous trust is clearly misplaced.
I don’t care what somebody’s TOS says, I’m going to remain skeptical.
