https://www.theregister.co.uk/2019/10/21/nordvpn_security_issue/

Analysis NordVPN spent today attempting to downplay a security breach in which someone sneaked into one of its servers for purposes unknown.

Here's what we know: miscreants were able to exploit a poorly secured remote-management system, built into the server and understood to be iLO or iDRAC, to gain control of the box in March 2018. They were able to gain access to the LXC containers running on the machine, and its OpenVPN software files and cryptography keys, it is claimed. The TLS certificate, since expired, for the nordvpn.com website was also stolen from the system.