How to Protect Your Data Against VPN Breaches

article by Sandra Trentino
October 31, 2019
If you are not already using a VPN to access the internet, then you are putting yourself at serious risk. VPNs or Virtual Private Networks provide an unrivaled level of security which increases significantly when you couple this with a password protector and antivirus software. We will talk more about that later in this article. Firstly, let’s look at the benefits of using a VPN and why it is wise to use one.

Why Use a VPN?

A Virtual Private Network allows you to access the internet safely through routing your connection to an independent server which is often located in a different country. Your personal information will be encrypted end-to-end, which means that no one will have access to your online activity and true IP address.

Using a VPN means that you can bypass geographical blocks on streaming services, use public wifi without fear of being hacked and download content online, knowing that your location and personal information will not be logged.

But how safe are VPNs really? And what happens if there is a breach in security?

NordVPN and the Data Breach

NordVPN is one of the most popular VPN services out there and up until recently, has had an excellent reputation for providing a high level of security and fantastic additional features. The service was even recently recommended by PCMag, TechRadar, and CNET who stated that it was their favorite VPN provider. So what went wrong?

You may have heard on various tech sites about the NordVPN data breach. If you are unfamiliar with this story then let’s quickly fill you in.

This week, the NordVPN confirmed that it was hacked but it has taken them a while to confirm this rumor.

Back in March, 2018 NordVPN was a victim of a data breach where one of its data centers based in Finland was accessed without any form of authorization. One of the servers was accessed by the attacker but according to an interview given by TechCrunch, a spokesperson for NordVPN told them that the server in question didn’t contain user activity logs and “none of our applications send user-created credentials for authentication, so usernames and passwords couldn’t have been intercepted either”.

The server had been active for around a month and was accessed through a remote management system which was found to be insecure. The NordVPN spokesperson explained that they didn’t believe it possible that the private key could be used to decrypt VPN traffic on any other server.

Security experts have found these results worrying but NordVPN has reassured its users that they had installed special intrusion detection systems which were used to detect early breaches. However, they also declared that they couldn’t have known about the remote management system left by the unnamed data center provider.

Since admitting the data breach that got NordVPN hacked, they have announced to their users that they are going to step up their game and take all measures to enhance their security. Since the NordVPN data breach, they have undergone several security audits and plans this past year to perform external security audits on their infrastructure to ensure that they do not miss anything else in the future.

How Safe are VPNs?

With NordVPN being severely compromised as well as rumors that other VPN providers such as TorGuard and VikingVPN have experienced similar issues, one has to wonder how safe VPNs really are. A simple way of looking at this question is to ask – how safe are you not using a VPN? Using a VPN is significantly safer than not using a VPN and luckily, data breaches are extremely rare. NordVPN has been brought to attention in the media due to its recent data breach but the positive outcome from this is that they realized that they missed something in the security audit and have now taken significant measures to avoid a repeat breach. No VPN is 100% safe used alone, but there are things you can do to enhance your privacy.

What Can You do to Ensure Extra Safety? 

Just as you might put extra locks on your door to prevent your house from getting broken into, there are additional measures that you can take to ensure that your internet activity is extra safe.

Here are the two things you can do to avoid being hacked:

Use Antivirus Software

By the time you’ve read this article, there will be thousands upon thousands of computer viruses and malware being released. In fact, in 2015, around 317 million pieces of malware were detected. That’s almost one million per day – let that sink in for a moment! Malicious software is used for different reasons, and some are there to simply compromise or wreck your computer system. On the other hand, spyware or phishing spam can obtain personal information such as credit card details and passwords. It’s simply not worth leaving yourself wide open to these threats, so using high-quality antivirus software is the most sensible option. Especially when used in conjunction with a VPN. Antivirus software will detect and protect you against spyware, malware, rootkits, phishing attacks, Trojan attacks, spam attacks, and any other viruses. They can often detect attacks and prevent them from causing your system harm when detected. Antivirus software will prevent you from getting bombarded with spam and perform a fast scan of removable devices that otherwise could cause harm to your system. It can also provide password protection, give you parental controls and block annoying ads from websites. McAfee and Norton are always highly rated.

Use a Password Manager

If you’re sensible enough to use a VPN, then it seems counterproductive to use the same password on different websites. Also how strong is your password really? Not many people use unique and complex passwords for every website as they are difficult to remember. This is where a password manager comes in handy. A password manager does what it says – it manages your passwords and keeps them all in one safe place which is encrypted and accessible with a master password. This is the only password that you will ever have to remember! It’s best to use an independent password manager and steer clear from browser-based password managers as these store your information in unencrypted form. Dashlane and LastPass are recommended password managers.

Staying Safe…

It can be easy to lose faith in service or company when a security breach occurs and the NordVPN data breach has caused quite a stir amongst its users and the tech world in general. This was never supposed to happen, but it did. It seems the company found where the issue stemmed from and have taken serious measures to ensure that this never happens again. Other VPN providers also need to take note and perhaps consider external security audits if they do not do this already. Staying safe online is using a VPN coupled with extra security measures. Most of our lives are online and so it’s really worth taking those extra steps to ensure that everything is kept under lock and key.