The data in question does not originate from NordVPN’s internal Salesforce environment or any other services mentioned in the claim. Instead, our investigation identified that the leaked configuration files were related to a third-party platform, with which we briefly had a trial account.
What actually happened: 6 months ago, NordVPN evaluated a potential vendor for automated testing. As part of a standard Proof of Concept (PoC) phase, a temporary test environment was created to assess their functionality.
- No sensitive data: Because this was a preliminary test and no contract was ever signed, no real customer data, production source code, or active sensitive credentials were ever uploaded to this environment.
- Vendor not selected: We ultimately chose a different vendor and did not proceed with the one we tested. The environment in question was never connected to our production systems.
The claims that our internal Salesforce development servers were breached are false. The leaked elements, such as the specific API tables and database schemas can only be artifacts of an isolated third-party test environment, containing only dummy data used for functionality checks. While no data in the dump points to NordVPN, we have contacted the vendor for additional information.
NordVPN systems remain fully secure. Your data is safe, and no action is required on your part.
