https://securityaffairs.co/wordpress/92808/hacking/nordvpn-torguard-vikingvp... NordVPN and TorGuard VPN firms were hacked, threat actors leaked the private keys used to secure their web servers and VPN configuration files. Hackers have breached the systems used by NordVPN and TorGuard VPN companies and leaked the private keys used to secure their web servers and VPN configuration files. The information belonging to the NordVPN company that was leaked online were stolen from the server of the VPN provider last year. [...] A bigger problem was that they weren't practicing secure PKI management because the CA private key was stupidly on the same server. With that private key, an attacker could easily generate their own server cert/key and MiTM any other server. [...] The keys could be used for a man-in-the-middle attack. In addition, it can be assumed that the attacker was able to access traffic during the hack. [...] “A few months ago, we became aware that, on March 2018, one of the datacenters in Finland we had been renting our servers from was accessed with no authorization.” reads the statement published by the VPN provider. “The attacker gained access to the server by exploiting an insecure remote management system left by the datacenter provider. We were unaware that such a system existed. [...] The incident also impacted other VPN providers using the same data center, such as VikingVPN and TorGuard. TorGuard was the only VPN provider of the three impacted by the incident to be implementing secure PKI management this means that its main CA key was not on the affected VPN server. Giacomo