In October 2024, NordVPN received a warrant from the Panamanian government to provide user data as part of a criminal investigation. NordVPN only disclosed payment-related information and confirmed the presence of an account associated with the provided email address, due to its no-logs policy. The incident highlights potential vulnerabilities in data privacy, despite strong security measures and the company's commitment to user privacy.
Source: https://www.wired.com/story/best-vpn/
"id": "nor000011525",
"linkid": "nord-vpn",
"type": "Breach",
"date": "1/2025",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"