LoRaWAN is by design very secure —authentication and encryption are, in fact, mandatory—but networks and devices can be compromised if security keys are not kept safe, not randomized across devices or if cryptographic numbers used once (nonces) are reused, as is shown by numerous blog posts.