NordVPN has responded to online hacking claims, saying that no real customer or business data was exposed and that the leaked information came from a testing environment containing only dummy data.
The company stressed that its core systems and user privacy remain fully secure.
The clarification comes after a threat actor posted on a hacking forum, claiming they had breached a NordVPN development server and stolen multiple databases. The attacker alleged the data included Salesforce API keys and Jira tokens, raising concerns across cybersecurity communities and social media.
According to NordVPN, the data originated from a temporary test setup used months ago while evaluating a third-party automated testing service. The company explained that this environment was isolated, never connected to production systems, and did not store real customer data, live credentials, or internal source code.
NordVPN also confirmed that it never signed a contract with the vendor involved.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
