Nokia confirms data breach leaked third-party code, but its data is safe

Stolen code is for a specific app with very narrow use, Nokia says

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Nokia has confirmed arecent data breachdid indeed happen, but did not affect its own internal data.

The telecoms giant said it had completed its initial investigation into the incident, confirming that a breach had occured, but that its systems, and data, is intact.

“Our investigation has found no evidence of any of our systems or data being impacted. Our investigations point to a 3rd party security incident, related to a single customized software application,” the company toldBleepingComputer.

End of life

An infamous data leaker known as IntelBroker recently posted a new ad on an underground forum, advertising a stolen archive apparently containing data from the telco giant.

The archive was taken from a third party, and was said to contain a large collection of Nokia source code, with the hacker claiming to have stolen Nokia software, SSH keys, RSA keys, BitBucket logins, SMTP accounts, webhooks and hardcoded credentials.

IntelBroker claims to have breached a third-party vendor via aSonarQube server. There, they downloaded sensitive files belonging to multiple companies, including Nokia.

“We have found no evidence that this 3rd party incident would in any way endanger critical Nokia systems or data, including source code, customized software, or encryption keys. Our customers are in no way impacted, including their data and networks,” Nokia added.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

The source code IntelBroker leaked was for an application that the third-party built, for a client of Nokia’s. It was supposed to work on only one network, and will not work elsewhere, it was added. No Nokia code was found inside, either.

The company concluded its statement by saying it was “closely monitoring” the situation.

IntelBroker is reportedly a Serbian hacker who has been active since October 2022, and has a history of high-profile attacks. More than 80 separate leaks have been posted to online forums by IntelBroker to date, with targets including companies and organizations such asAMD,Apple, Europol and HPE.

ViaBleepingComputer

You might also like

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Rising AI threats are making firms turn back to human intelligence

Thousands of employees could be falling victim to obvious phishing scams every month

Warhammer 40,000: Darktide is coming to PS5 with PS5 Pro support at launch