The company said that one server in a Finland data center leased from an unidentified provider was breached. But, no username or passwords were exposed, it says.
“We are taking all the necessary means to enhance our security,” NordVPN said in a statement. “We have undergone an application security audit, are working on a second no-logs audit right now, and are preparing a bug bounty program.”