Nokia has issued a statement claiming leaked source code data published on an underground hacking forum was stolen from a third-party server and poses no threat to Nokia or its customers.
The Finnish telecommunications company downplayed the severity of the incident, claiming no company or customer data was implicated in the leak.
The prominent threat actor IntelBroker listed a “large collection of Nokia source code’ to the notorious BreachForums on 4 November, offering the stolen archive for sale.
It claimed it was able to steal the information from a third-party contractor that had been working closely with Nokia to help develop internal tools.
The compromised data was said to include SSH keys, source code, RSA keys, Bitbucket logins, SMTP accounts, webhooks, and hardcoded credentials.
According to external analysis of the sample data provided by IntelBroker, the leaked data also contained potentially sensitive customer information related to Vodafone Idea, India’s largest telecoms company.
Nokia immediately launched an investigation into the incident, maintaining at the time it was not aware of any malicious activity impacting its systems or data.
On 7 November, IntelBroker posted on social media stating that it would be publishing the entire collection of stolen data as Nokia refused to acknowledge the breach.
“Since Nokia have denied that they had their data taken from a 3rd party, the data is now freely available to download.”
Nokia says stolen data poses no threat to company or customers
IntelBroker told one outlet it extracted the information after gaining access to a third-party vendor’s SonarQube server using standard credentials, which allowed them to download a series of Python projects belonging to customers including Nokia.
A Nokia spokesperson told ITPro the company’s investigation showed no evidence of its internal systems or data being compromised, confirming the attacker breached a third-party working with Nokia on an application for use on a single customer network.
"Our investigation has found no evidence that our systems or data have been compromised. This is a 3rd party security incident related to a single customized software application used on a single customer network.”
The spokesperson added that the software did not contain any Nokia source code and could not be used maliciously against Nokia or its customers.
“This software was not developed by Nokia, contains no Nokia source code, and cannot be used to negatively impact Nokia or its customers. We continue to closely monitor the situation."
IntelBroker is one of the most prolific threat actors operating on BreachForums, previously listing 80 tranches of stolen data for sale on the forum.
Notable victims who have had their data leaked by the cyber criminal in recent months include Apple, Cisco, Zscaler, Europol, AMD, HSBC, and Barclays.
But questions have been raised over the authenticity of some of these claims with companies frequently claiming the scope of the stolen data possessed by IntelBroker was over exaggerated.
-
State-sponsored cyber groups are flocking to the 'ClickFix' social engineering techniqueNews State-sponsored hackers from North Korea, Iran, and Russia are exploiting the ‘ClickFix’ social engineering technique for the first time – and to great success.
-
Google hits back at DOJ breakup proposalsNews Google has struck back against US regulators, claiming that plans to dismantle the company would "hurt the economy".
-
Nokia subsidiary reveals data breach following Conti ransomware raidNews SAC Wireless notifies current and former employees that their personal information may be at risk
-
Nokia blackmailed for millions of Euros six years agoNews Criminals who stole source code extorted phone company, according to reports
-
Hackers breach Nokia developer communityNews SQL injection attack forces Nokia to take down a developer community forum.
-
Week in Review: Kaspersky hit by hackers, UK hit by spending cutsNews This week, security company Kaspersky gets hit by an anti-virus scam and George Osborne unleashes the spending cuts on the nation.
-
Week in Review: Nokia World and the invisible keyboardNews This week in IT, Nokia World was held in London, HP spent over a billion on a security firm and an invisible keyboard was created.
-
Smartphone security survives hacking tournamentNews Smartphones are left unhacked, but is that because they are inherently secure, or because security experts don’t know enough about them?
-
Check Point buys up Nokia’s security appliancesNews A 12-year collaborative effort ends with Check Point taking over Nokia’s portfolio and making it its own.
-
Week in Review: Apple confuses on securityNews This week, Apple's attitude to security confuses, as does the drive to make mobile phones work on underground trains.
