NordVPN Review: Better Than They Were, Worse Than They Should Be

NordVPN hid a security breach for 18 months. Then they actually addressed the problems.

Now they own Surfshark too, and most users have no idea they’re choosing between brands owned by the same company. So are they reformed?

Yes and no. They’re better on security, still monopolistic on everything else. Which makes them a 6/10 - the acceptable compromise when you’re choosing between imperfect options.

Let me explain why this is the most conflicted review I’ve written.

⚡ 30-Second Verdict

Owner: Nord Security (owns NordVPN + Surfshark + Atlas VPN)
The scandal: March 2018 breach, hidden until October 2019
What changed: RAM-only servers, multiple independent audits, transparency reports
Monopoly concern: Owns Surfshark too (market consolidation most users don’t realize)
Commission: ~$40/sale (standard affiliate rate)
Rating: 6/10 (reformed on security, monopolistic on ownership)

Bottom line: NordVPN is the ex who went to therapy and actually changed - but is still lying about other shit. Good enough for streaming Netflix, not good enough for serious privacy. If Mullvad confuses you and ExpressVPN is owned by ex-adware companies, NordVPN is the acceptable middle ground.

Try NordVPN (30-Day Refund If/When You Change Your Mind)

The Original Sin: 2018 Breach Timeline

Let’s start with what they did wrong, because I’m not letting them forget it.

March 2018: The Breach Happened

One of NordVPN’s rented servers in Finland was breached. A datacenter provider left a remote management interface exposed.

What was compromised:

One server’s expired private TLS key
Potential to intercept traffic from users connected to that specific server
No user credentials stolen (according to NordVPN)

What NordVPN claims:

They didn’t know about the breach immediately
The datacenter didn’t notify them
They only discovered it “months later”

October 2019: Finally Disclosed (18 Months Later)

NordVPN didn’t voluntarily disclose the breach. A security researcher found the compromised key and made it public.

THEN NordVPN released a statement:

“We were not notified, nor were we aware of the breach until a few months ago.”

Why This Was Dishonest

Timeline problems:

Breach: March 2018
“Discovered months later”: Let’s say September 2018 (generous estimate)
Public disclosure: October 2019
That’s 13+ months of silence AFTER they knew

What they did during the silence:

Continued marketing “military-grade security”
Accepted new customers without disclosure
Ran ads claiming to be most secure VPN
Said nothing

The datacenter’s version:

TorGuard (another VPN) was breached at same datacenter
That datacenter claims they DID notify affected VPN providers
Someone’s lying about whether NordVPN was notified

My Take: I Don’t Forgive This

Hiding a security breach for over a year while marketing your service as secure is disqualifying for high-trust scenarios.

Period.

If NordVPN had disclosed in April 2018 (“We had a breach, here’s what happened, here’s what we’re doing”), I’d respect that. Breaches happen.

But hiding it for 18 months? That’s a trust violation that can’t be fully repaired.

This is NordVPN’s original sin. Everything that follows has to be viewed through this lens.

But Here’s What Changed (And Why It Matters)

Now here’s where this gets complicated: NordVPN actually addressed their security problems.

Unlike ExpressVPN (owned by Kape, just rebranded from alleged adware business) or other VPNs that had scandals and did nothing, NordVPN made verifiable improvements.

I hate that I have to give them credit. But credit where it’s due.

1. RAM-Only Servers (Diskless Infrastructure)

Post-breach, NordVPN switched to 100% RAM-only servers.

What this means:

Servers run entirely from RAM (no hard drives)
When server reboots, all data is wiped
Even if breached, no persistent logs to steal

Why this matters:

This is a real security improvement, not marketing
Industry best practice (Mullvad, ProtonVPN do this too)
Makes good on “no logs” promise (nothing to log)

Can I verify this? Not personally. But independent auditors have verified NordVPN’s infrastructure. More on that below.

2. Independent Security Audits (Multiple)

NordVPN has been audited by multiple independent firms post-breach:

PwC audit (2020):

Verified no-logs policy
Reviewed infrastructure claims
Published report available on NordVPN’s site

VerSprite audit (2023):

Audited apps and infrastructure
Penetration testing
Verified security practices

Cure53 audits (ongoing):

Browser extension audits
App security reviews
Third-party vulnerability testing

My take: These are legitimate audits from reputable firms, not marketing bullshit. PwC and VerSprite don’t stake their reputations on fake audits.

Compare to competitors:

Mullvad: Proven via police raid (2023) - better proof
ProtonVPN: Audited by Securitum (2022) - comparable
ExpressVPN: Audited too, but owned by questionable company
NordVPN: Multiple audits prove post-breach reform

3. Warrant Canary and Transparency Reports

Starting in 2020 (should have started in 2014, but better late than never), NordVPN began publishing:

Transparency reports (government data requests)
Warrant canary (confirms they haven’t received secret orders)
Detailed disclosure of legal requests received

Latest transparency report (2023):

Received requests from law enforcement
Unable to provide data (no logs to provide)
Documented what they could and couldn’t comply with

My take: This is what actual transparency looks like. They’re showing their work.

4. Bug Bounty Program

NordVPN now pays security researchers to find vulnerabilities through platforms like HackerOne and Bugcrowd.

Why this matters:

Shows they’re not hiding from scrutiny anymore
Incentivizes responsible disclosure
Better than “hope nobody finds problems” approach

5. Infrastructure Overhaul

Post-breach changes:

Ditched third-party rented datacenters (lesson learned)
Built colocated infrastructure they control
10Gbps servers (legitimately fast)
Better control over physical security

My interpretation: The 2018 breach was partially blamed on datacenter provider. NordVPN’s response was to control their own infrastructure. That’s a legitimate fix.

The Verdict on Reform: Better Than They Were

Did NordVPN reform after the 2018 breach? In my opinion, yes - on security practices.

They:

✅ Switched to RAM-only servers
✅ Got independently audited (multiple times)
✅ Started transparency reports
✅ Built their own infrastructure
✅ Implemented bug bounty program

These aren’t marketing claims. These are verifiable actions audited by third parties.

Does this erase the 18-month cover-up? No.

Does it mean I trust them for high-stakes privacy? No.

Does it mean they’re acceptable for casual use (streaming, basic privacy)? Grudgingly, yes.

The Surfshark Ownership: Monopoly Problem

Now here’s why NordVPN can’t score higher than 6/10: They own Surfshark, and most users have no idea.

This is market consolidation that creates the illusion of competition.

The Common Ownership

Nord Security owns:

NordVPN (flagship product)
Surfshark (appears to be competitor)
Atlas VPN (budget brand)

The merger happened in 2022 and was publicly announced. NordVPN and Surfshark were acquired by the same parent company (Cyberspace BV, now operating as Nord Security).

To their credit: This was disclosed in press releases and corporate filings. They didn’t hide it.

The problem: Most users don’t know. Review sites write articles like:

“NordVPN vs Surfshark: Which Is Better?”
“Surfshark Review: A NordVPN Alternative”
“NordVPN or Surfshark? We Compare Them”

They’re owned by the same company. The comparison is between two brands controlled by the same parent.

Why This Is Problematic

Imagine if Coca-Cola owned Pepsi and review sites wrote “Coke vs Pepsi” comparisons without mentioning common ownership.

That’s the situation here.

The business strategy:

Own multiple VPN brands serving different market segments
Review sites compare them as if they’re independent competitors
Nord Security captures market share regardless of which one user chooses
Most users never realize they’re choosing between the same parent company

Nord Security didn’t hide the merger - it was publicly announced. But they benefit from users not knowing about it.

The Disclosure Reality

Nord Security disclosed the merger publicly in 2022 through press releases and corporate announcements. This is verifiable.

What’s less clear to consumers:

The brands still market themselves separately
There’s no obvious indication on either website about common ownership
Review sites treat them as independent competitors

Is this deceptive? That’s debatable:

The information is public (not hidden)
Many companies own multiple brands (Procter & Gamble, Unilever, etc.)
But most users don’t research corporate ownership structures

My take: It’s not lying, but it’s monopolistic behavior that benefits from user ignorance.

My Take: This Prevents Them From 8/10

Here’s why the Surfshark ownership matters:

NordVPN could be an 8/10 VPN if they’d reformed from 2018 and operated independently.

But they’re building a monopoly (NordVPN + Surfshark + Atlas VPN) that most users don’t realize exists.

This is legal. It’s common in business. But it’s monopolistic behavior that concentrates market power.

Companies building monopolies while most consumers think they’re choosing between competitors get 6/10, not 8/10.

The Nord Security monopoly deserves deeper analysis - I may write that separately. For this review, what matters is: NordVPN is part of a market consolidation strategy that reduces real competition in the VPN industry.

That’s the difference between a truly reformed independent company (8/10) and a reformed company building a monopoly (6/10).

Technical Performance: Actually Really Good

Okay, now the part where I have to admit NordVPN works well.

Speed Test Results

I tested NordVPN across 15 servers globally over 2 weeks.

Testing setup:

Baseline: 500 Mbps fiber connection
Protocol: WireGuard (NordLynx)
Tested US, EU, Asia servers

Average results:

US servers: 380-450 Mbps (76-90% of baseline)
EU servers: 350-420 Mbps (70-84% of baseline)
Asia servers: 250-350 Mbps (50-70% of baseline)

Rating: 8/10 - NordVPN is legitimately fast. Among the fastest VPNs I’ve tested.

Compare to competitors:

ExpressVPN: Comparable (8/10)
NordVPN: 8/10
ProtonVPN: Slower (7/10)
Mullvad: Fast but variable (7/10)

My take: If speed is your priority, NordVPN delivers. Their 10Gbps infrastructure and WireGuard implementation (NordLynx) is legitimately fast.

Netflix and Streaming: Annoyingly Excellent

Does NordVPN unblock Netflix? Unfortunately, yes - better than any other VPN I’ve tested.

What works reliably:

Netflix US, UK, Canada, Japan, etc.: Works consistently
BBC iPlayer: Works most of the time
Disney+, Hulu, HBO Max: Works well
Amazon Prime Video: Works

The reality I hate admitting:

I wish Mullvad was this good for streaming. I wish ProtonVPN was this consistent.

But if your primary use case is unblocking Netflix, NordVPN is objectively the best option.

Rating: 9/10 for streaming - It just works.

No VPN can guarantee unblocking streaming services because Netflix actively fights VPNs. But NordVPN succeeds more consistently than competitors.

Server Network: Huge and Overkill

NordVPN’s network:

111 countries
6,000+ servers globally
Specialty servers: P2P, Double VPN, Obfuscated, Onion over VPN

Compare to competitors:

ExpressVPN: 105 countries
NordVPN: 111 countries
ProtonVPN: 65 countries
Mullvad: 40 countries

My take: The massive network is nice for avoiding congestion and finding nearby servers. But 111 countries is overkill for most users. This is marketing as much as utility.

You probably need servers in 5-10 countries max. The rest is “look how big our network is” advertising.

Apps: Polished and User-Friendly

NordVPN’s apps are well-designed for non-technical users:

Clean interface (not overwhelming)
One-click connect
Built-in kill switch
Split tunneling (route some apps through VPN, others direct)
Available on: Windows, Mac, Linux, iOS, Android, browser extensions

My take: If you’re recommending a VPN to your parents, NordVPN’s apps are easier than Mullvad’s (which can confuse non-technical users).

Rating: 8/10 for user experience

Pricing: The Permanent “Limited Time” Sale

NordVPN’s pricing is psychologically manipulative, but the actual price is reasonable.

The Pricing Game

“Regular” prices:

Monthly: $12.99/month

“Limited time sale” (always running):

2-year plan: $3.39/month ($81.36 upfront)
1-year plan: $4.99/month ($59.88 upfront)

The manipulation:

The “sale” is ALWAYS running
Monthly price is artificially inflated to make 2-year look amazing
You’ll renew at higher price after 2 years

Compare to competitors:

Mullvad: €5/month forever (no games)
ProtonVPN: $9.99/month or $3.99/month (2-year)
NordVPN: $12.99/month or $3.39/month (2-year)
ExpressVPN: $12.95/month or $6.67/month (2-year)

My take: The pricing tactics are manipulative and deceptive. But if you commit to 2 years, $3.39/month is reasonable value for what you get. The fake urgency (“Sale ends soon!” - no it doesn’t, it’s always running) is a deliberate tactic to pressure purchases.

The Monopoly Problem: Nord Security’s Empire

NordVPN isn’t just a VPN company. Nord Security is building an empire:

What Nord Security owns:

NordVPN - Flagship VPN
Surfshark - “Competitor” VPN (fake competition)
Atlas VPN - Budget VPN brand
NordPass - Password manager
NordLocker - Encrypted cloud storage
Incogni - Data broker removal service

This is vertical integration - owning multiple products in the same market to capture different customer segments.

Compare to Kape Technologies:

Kape owns: ExpressVPN, CyberGhost, PIA, ZenMate + vpnMentor review site
Nord Security owns: NordVPN, Surfshark, Atlas (but doesn’t own review sites… yet)

My take: The monopoly is concerning, but Nord Security’s history is cleaner than Kape’s (ex-Crossrider, allegedly involved in adware distribution).

I’ve mapped this in detail: Who Really Owns Your VPN? The VPN Monopoly Map

This consolidation is why “independent” VPN reviews are mostly bullshit. Three companies control most of the market.

Why I’m Not Rating Them Lower

Obvious question: If NordVPN hid a breach for 18 months and owns Surfshark, why not 3/10 like ExpressVPN?

Answer: Because there’s a difference between ex-malware companies and companies that fucked up but actually fixed things.

ExpressVPN (3/10) vs NordVPN (6/10)

ExpressVPN’s problem:

Owned by Kape Technologies (formerly Crossrider)
Crossrider’s platform was allegedly used for adware distribution for 5 years
When caught, they rebranded (Crossrider → Kape)
No fundamental business model change

NordVPN’s problem:

Had a security breach (single incident)
Hid it for 18 months (massive trust violation)
When forced to disclose, they actually reformed their security practices
Multiple audits prove improvement

Both companies have problems. One is trying to fix theirs. The other just changed their name.

That’s the difference between 6/10 and 3/10.

Panama Jurisdiction: Marketing Bullshit

NordVPN is based in Panama, which they market as “outside 14 Eyes surveillance alliance!”

Reality check: Jurisdiction mostly doesn’t matter - it’s fear-mongering marketing.

What actually matters:

Is the company trustworthy? (Questionable but improving)
Do they keep logs? (Audits say no)
Have they been tested? (Not by police raid like Mullvad)

Panama gives NordVPN some legal flexibility, but it’s not the privacy panacea they market it as.

My take: Focus on actual security practices (RAM servers, audits), not jurisdiction marketing.

The Affiliate Commission Reality

NordVPN pays approximately $40 per sale (standard affiliate rate, varies by program tier).

Here’s the math I’m working with:

If I recommend NordVPN:

100 sales = $4,000
500 sales = $20,000
1,000 sales = $40,000

Compare to other options:

ExpressVPN: $95/sale = $95,000 for 1,000 sales (I rejected this)
ProtonVPN: $25/sale = $25,000 for 1,000 sales
NordVPN: $40/sale = $40,000 for 1,000 sales
Mullvad: $0/sale = $0 (I recommend anyway)

Why I recommend NordVPN anyway (sometimes):

Because for the specific use case of casual streaming and basic privacy, they’re objectively good. Fast servers, works with Netflix, reformed security practices post-2018.

When I DON’T recommend them:

Privacy purists who can’t forgive breaches → Mullvad (9/10)
People who want independent companies → ProtonVPN (8/10)
Anyone facing actual privacy threats → Use Mullvad

The monopoly consolidation is why NordVPN can’t score higher than 6/10. Reformed security practices + market consolidation = 6/10, not 8/10.

Should You Forgive Them? (Three Types of VPN Users)

This is the philosophical question at the heart of this review.

Type 1: The Purist

Your position: “Once a liar, always a liar. They hid a breach for 18 months. Trust is broken forever.”

Your choice: Mullvad (9/10)

Police raid proved no-logs
€5/month, no email required
No breach history
Most private option

My take: This is a valid position. I respect it.

Type 2: The Realist

Your position: “I believe in redemption through action. NordVPN has proven improvement through independent audits and infrastructure changes.”

Your choice: NordVPN (6/10)

Fast servers, works for Netflix
Multiple independent audits post-breach
Acceptable for casual use
Reformed enough for low-stakes scenarios

My take: Also valid if you need streaming and can accept the history.

Type 3: The Skeptic (This Is Me)

Your position: “I acknowledge the security improvements, but the monopoly consolidation concerns me. I want something in between.”

Your choice: ProtonVPN (8/10)

Swiss privacy laws
Transparent ownership (Proton AG)
No breach history
Open source apps

My take: This is where I land. NordVPN is good enough for streaming. It’s not good enough for serious privacy.

Know Which Category You’re In

The quick decision matrix:

Just want Netflix + basic security? → NordVPN (6/10)
Want better privacy but need support? → ProtonVPN (8/10)
Privacy purist who can’t forgive breaches? → Mullvad (9/10)
Choosing between NordVPN and ExpressVPN? → Choose NordVPN (reformed villain beats ex-malware company)

My framing:

“NordVPN is what I’d recommend to my mom who wants to watch UK Netflix. Mullvad is what I’d recommend to a journalist covering corruption. ProtonVPN is what I’d recommend to someone who wants both privacy and usability.

Know which category you’re in.”

What NordVPN Gets Right

Let me be fair and list what they do well:

✅ Actually reformed post-2018: RAM servers, audits, transparency reports ✅ Fast as hell: 8/10 for speed, among the fastest VPNs ✅ Best for streaming: 9/10 for Netflix, works reliably ✅ Large server network: 111 countries, 6,000+ servers ✅ Good apps: User-friendly for non-technical users ✅ Independent audits: PwC, VerSprite, Cure53 verify claims ✅ Bug bounty program: Actively seeking vulnerability reports ✅ Reasonable price: $3.39/month on 2-year plan

For casual users who need streaming + basic privacy, NordVPN delivers.

What NordVPN Gets Wrong

Now the problems that prevent them from scoring higher:

❌ 2018 breach cover-up: 18 months of silence is unforgivable for high-stakes use ❌ Monopoly consolidation: Owns Surfshark + Atlas (market concentration) ❌ Pricing manipulation: “Limited time” sale is always running ❌ Monopolistic behavior: Nord Security building empire ❌ Panama jurisdiction marketing: Overstates importance of location ❌ Can’t reach 8/10+ with this history: Reformed on security, but monopolistic

For privacy purists or people facing actual threats, the problems disqualify them.

How NordVPN Compares to Alternatives

NordVPN (6/10) vs Mullvad (9/10)

Choose Mullvad if:

Privacy is absolute priority
You can’t forgive 2018 breach
You want open source verification
€5/month flat pricing appeals to you
You don’t need Netflix to always work

Choose NordVPN if:

Streaming is primary use case
Speed matters more than privacy purity
You believe in redemption through action
You want user-friendly apps
You’re okay with breach history given reforms

My ranking:

Mullvad (9/10) - Most private, proven
NordVPN (6/10) - Good for streaming, reformed but flawed

NordVPN (6/10) vs ProtonVPN (8/10)

Choose ProtonVPN if:

You want Swiss privacy laws
Transparent ownership matters
No breach history is important
Open source verification appeals to you

Choose NordVPN if:

Streaming is priority #1
You want fastest speeds
You can overlook 2018 breach
Lower price matters ($3.39 vs $3.99/month)

My ranking:

ProtonVPN (8/10) - Better ownership, no breach history
NordVPN (6/10) - Faster, better streaming, but problematic history

NordVPN (6/10) vs ExpressVPN (3/10)

Choose NordVPN if:

You’re deciding between these two
Reformed villain > ex-malware company
You want better value ($3.39 vs $6.67/month)
Comparable speeds matter

Choose ExpressVPN if:

You don’t care about Kape’s history
You trust closed-source software
Price isn’t a factor

My ranking:

NordVPN (6/10) - Reformed, audited, better value
ExpressVPN (3/10) - Kape ownership disqualifying

🔍 Verify This Yourself

Want to see the raw data behind my claims? Check out the data spreadsheets - technical details, ownership records, pricing, and more.

Don’t trust my review. Verify these claims:

2018 breach: Search “NordVPN 2018 breach October 2019” - read the timeline
Surfshark ownership: Search “Nord Security Surfshark merger 2022” - verify common ownership
PwC audit: Visit nordvpn.com/blog/nordvpn-audit/ - read the audit report
Server network: Visit nordvpn.com/servers/ - verify 111 countries claim
RAM servers: Search “NordVPN diskless servers” - verify infrastructure claims
Pricing: Visit nordvpn.com - check if “sale” is running (spoiler: it always is)
Nord Security empire: Search “Nord Security brands” - verify they own Nord + Surf + Atlas
Speed tests: Read independent speed tests from multiple sources

Everything I’ve stated is verifiable through public sources, audit reports, and NordVPN’s own disclosures.

My Verdict: 6/10 (Reformed Villain)

Overall: 6/10

Breakdown:

Security: 7/10 (improved post-2018, audited, RAM servers, but breach history matters)
Trust: 4/10 (breach cover-up + monopoly consolidation = concerns remain)
Performance: 8/10 (fast, reliable, excellent streaming)
Value: 6/10 (good on 2-year plan, manipulative pricing tactics)
Transparency: 5/10 (better than 2018, worse than ProtonVPN)

The math: (7+4+8+6+5)/5 = 6/10

Use Case Decision Guide

Quick flowchart for choosing:

→ Just want Netflix + basic security? → NordVPN (6/10)

Fast, reliable streaming
Reformed security practices
Good enough for casual use

→ Want better privacy but need support? → ProtonVPN (8/10)

Swiss laws, no breach history
Transparent ownership
Open source apps

→ Privacy purist who can’t forgive breaches? → Mullvad (9/10)

Proven by police raid
No email, anonymous payment
€5/month forever

→ Choosing between NordVPN and ExpressVPN? → Choose NordVPN

Reformed villain > ex-malware company
Both have issues, but Nord tried to fix theirs

Bottom Line: The Reluctant Recommendation

NordVPN failed dramatically in 2018. They hid a breach for 18 months while marketing themselves as secure. That’s unforgivable for high-stakes privacy.

But here’s the thing: They actually made improvements. RAM-only servers. Multiple independent audits from PwC, VerSprite, Cure53. Transparency reports. Bug bounties. These aren’t marketing claims - they’re verifiable improvements audited by reputable third parties.

However: They’re building a monopoly. Nord Security now owns NordVPN, Surfshark, and Atlas VPN - controlling multiple brands that appear to compete but share the same parent company. This market consolidation concentrates power and reduces real competition.

Do I trust them as much as Mullvad? Absolutely not.

Do I wish ProtonVPN was faster for streaming? Yes.

But if your primary use case is streaming Netflix and you want fast speeds with acceptable privacy, NordVPN is objectively the best option in that specific category.

They’re the reformed villain who actually went to therapy and made changes - but is still building an empire.

I’m recommending them grudgingly, for a specific use case, with full disclosure of their past and present problems.

Try NordVPN (They Actually Refund - I've Tested It)

NordVPN is good enough for watching Netflix securely. It’s not good enough for investigative journalism or actual privacy threats.

Know which category you’re in, and choose accordingly.

Transparency Note: NordVPN pays approximately $40/sale through their affiliate program (standard rate). I recommend them for specific use cases (streaming, casual privacy) despite their 2018 breach because they’ve made verifiable security improvements audited by independent firms. I rank Mullvad higher (9/10, $0 commission) and ProtonVPN higher (8/10, $25 commission) because they have cleaner histories and aren’t building monopolies. This review reflects my honest opinion: NordVPN is a 6/10 reformed villain - better than they were, worse than they should be, good enough for most people who aren’t privacy purists.

Legal Note: This review discusses documented facts about NordVPN’s 2018 breach, corporate ownership structure, independent audits, and technical features. Where I express opinions about trustworthiness or make recommendations, these are clearly marked as my personal opinions based on publicly available information, audit reports, and my own testing.