NordVPN denies breach claims, says attackers have “dummy data” Source: https://www.bleepingcomputer.com/news/security/nordvpn-denies-breach-claims-says-attackers-have-dummy-data/
NordVPN denied allegations that its internal Salesforce development servers were breached, stating that cybercriminals obtained “dummy data” from a trial account on a third-party automated testing platform.
The company’s statement follows a claim made over the weekend by a threat actor using the “1011” handle on a hacking forum. The actor alleged they stole more than 10 databases containing sensitive information—such as Salesforce API keys and Jira tokens—after a brute-force attack against a NordVPN development server.
NordVPN said the test environment had no connection to its own infrastructure and that the stolen data does not include sensitive customer or business information.
