Nokia confirms data breach due to third-party code, but data is safe
- Nokia research confirms cyber attack with a third party
- The company says its own data is safe
- She will continue to monitor the situation
Nokia has confirmed that a recent data breach has indeed occurred, but that it has not affected its own internal data.
The telecom giant said it had completed its initial investigation into the incident and confirmed that a breach had occurred but that its systems and data are intact.
“Our investigation found no evidence that our systems or data were affected. Our investigation indicates a third-party security incident related to a single modified software application,” the company said. BleepingComputer.
End of life
A notorious data leaker known as IntelBroker recently posted a new ad on an underground forum, promoting a stolen archive that apparently contained data from the telecom giant.
The archive came from a third party and was said to contain a large collection of Nokia source code, with the hacker claiming to have stolen Nokia software, SSH keys, RSA keys, BitBucket logins, SMTP accounts, webhooks and hardcoded credentials.
IntelBroker claims to have hacked a third-party vendor through a SonarQube server. There they downloaded sensitive files from several companies, including Nokia.
“We found no evidence that this third-party incident would in any way compromise critical Nokia systems or data, including source code, custom software or encryption keys. Our customers are not affected in any way, including their data and networks,” Nokia said.
The source code that IntelBroker leaked was for an application that the third party built for a Nokia customer. It should work on only one network and not elsewhere, it added. No Nokia code was found either.
The company concluded its statement by saying it was “closely monitoring” the situation.
IntelBroker is reportedly a Serbian hacker who has been active since October 2022 and has a history of high-profile attacks. To date, more than 80 separate leaks have been posted to online forums by IntelBroker, targeting companies and organizations such as AMD, Apple, Europol, and HPE, among others.
Via BleepingComputer