3 months"The leaked elements, such as the specific API tables and database schemas can only be artifacts of an isolated third-party test environment, containing only dummy data used for functionality checks. While no data in the dump points to NordVPN, we have contacted the vendor for additional information," NordVPN explained.
"Because this was a preliminary test and no contract was ever signed, no real customer data, production source code, or active sensitive credentials were ever uploaded to this environment.
“We ultimately chose a different vendor and did not proceed with the one we tested. The environment in question was never connected to our production systems.”
I’d love to see the look on 1011’s face having just learned this.
- Lembot_0006@programming.devEnglish3 months
Why would *VPN even have ANY data worth taking through breaching?
- dublet@lemmy.worldEnglish3 months
They operate a business that charges for a service, and therefore have user accounts and payment data for those accounts.
- John Lemmy@lemmy.mlEnglish3 months
There is at least one VPN provider (that I know of) that doesn’t record account and payment data. You can send the fee via regular post in a envelope tied to only a random numerical user ID
- Lembot_0006@programming.devEnglish3 months
So for selling it to aggregators? That’s bad practice for a VPN-providing company.
So for selling it to aggregators?
You really think thats the primary function for user data? Not like, billing?
- Lembot_0006@programming.devEnglish3 months
Billing? ID -> balance. “Very” important data for hackers. They had more? Like card numbers, names, addresses, etc? That’s a bad practice for VPN providers.
- dogslayeggs@lemmy.worldEnglish3 months
You are surprised that a for-profit company that bills people on a RECURRING basis for a paid service keeps card numbers and billing addresses/names? How would recurring bills be paid if the info isn’t stored?
- Lembot_0006@programming.devEnglish3 months
You are surprised
I’m not surprised. I am accustomed to the shit around.
How would recurring bills be paid if the info isn’t stored?
Just go to the bank (or open your bank application on the phone) and pay.
- 3 months
This is not how most people operate around subscription services. People expect that the online subscription service will manage that shit. Less secure I know, but you live either in the past or in a much higher risk environment than most.
- Postmortal_Pop@lemmy.worldEnglish3 months
Mulvad gives you a 16 digit random number when you sign up. Anyone with that number can use that account, it’s on you to not lose it, if you do you have to make a new account. You send them money and an account number and they add balance to that account. When it’s out, that account is blocked from service until they get more money. You hack their service and you get a list of numbers and whether or not they have service. They keep no documentation and if you pay with card you have to manually input every time. I know them better than they know their users.
- Lembot_0006@programming.devEnglish3 months
You don’t have any “test data” if you don’t have any “real data”. Why would you?
- village604@adultswim.fanEnglish3 months
Uh… this entire event is a strong reason for using dummy data in a testing environment. You shouldn’t ever use production data in a test environment.
You generate dummy data that looks like real data for testing purposes.
- village604@adultswim.fanEnglish3 months
I do understand, you just don’t seem to understand that this testing environment never contained real data. And you can absolutely generate dummy data without having real data to start with.
- kbobabob@lemmy.dbzer0.comEnglish3 months
I just wanna say that I get what you’re saying and this thread was hilarious to me for some reason.
- 3 months
Because your previous trust is clearly misplaced.
I don’t care what somebody’s TOS says, I’m going to remain skeptical.
- DarkSirrush@piefed.caEnglish3 months
The company also announced plans to switch to dedicated servers that they own exclusively and to upgrade their entire 5,100-server infrastructure to RAM servers.
Oh, thats going to be expensive this year.
