Yeah you're right about Nord not being trustworthy, as I read on an
Arstechnica article this morning . Apparently they got hacked about a year and a half ago and had their encryption keys stolen. On top of it, they didn't bother to tell anybody until a couple days ago.
So whether they are stealing customers information or not is almost less important, because the hackers could have every bit of data that has gone over Nord's servers for the last year and a half. And they could have all the personal data of every current and previous Nord customer, including things like credit card numbers.
If they really had such great security, they could never have been hacked like this. Hack's of this type are strictly caused by insufficient security, either due to technical incompetence or simply not caring enough to keep thier system secure. And no matter who's fault it was, they certainly shouldn't have kept it a secret for so long.