Summary
Through a third-party contractor, hackers allegedly gained access to Nokia and stole internal credentials, source code, and SSH keys. BreachForums is selling the data for $20,000. No customer data was impacted. Regarding the claim, Nokia has not yet responded.In a statement, Nokia claimed, “Nokia is aware of claims that an unauthorised actor has reportedly gained access to certain third-party contractor data and perhaps data of Nokia.” After a hacker claimed to be selling the company’s stolen source code, Nokia is looking into whether a third-party vendor was compromised.
“Nokia is aware of reports that an unauthorized actor has alleged to have gained access to certain third-party contractor data and possibly data of Nokia. Nokia takes this allegation seriously and we are investigating. To date, our investigation has found no evidence that any of our systems or data being impacted. We continue to closely monitor the situation.”
Team Nokia
Intelbroker Breachforum Post
SSH keys, source code, RSA keys, Bitbucket logins, SMTP accounts, webhooks, and hardcoded credentials are among the stolen material, according to Intel Broker’s report. All of these things might make it easier for other kinds of cyberattacks to occur or allow for more illegal access to internal systems. A file tree displaying numerous files and folders actually connected to Nokia’s internal processes was also given by Intel Broker in an effort to verify the intrusion.
IntelBroker is contacting potential purchasers on BreachForums and stated that the stolen data collection is for sale for $20,000.
“Today, I am selling a large collection of Nokia source code, which we got from a 3rd party contractor that directly worked with Nokia to help aid their development of some internal tools.”
IntelBroker
Potential Impact Nokia Will Suffer
There may still be broad effects from the reported internal Nokia data leak. Hackers may be able to modify Nokia’s tools or services or take advantage of flaws in these resources to compromise other systems if they have access to development environments, source code, and credentials.
Intelbroker Profile
A number of high-profile disclosures, including as the hack of DC Health Link, which oversees health insurance for members of the US Congress, are blamed on IntelBroker. Additionally, IntelBroker has been connected to data breaches at businesses like General Electric (GE) and Hewlett Packard Enterprise (HPE).
Recent events involving data dumps from Apple, AMD, and T-Mobile have involved IntelBroker. The hacking of third-party SaaS companies also led to these releases.
