Hacker claims to have stolen internal data from Nokia, company launches investigation
Notorious hacker IntelBroker claims to have breached a third party vendor and thus was able to exfiltrate corporate data from Nokia. The Finland-based tech company says it has launched an investigation into the matter.
“Today, I’m selling a large collection of Nokia source code, which we got from a 3rd party contractor that directly worked with Nokia to help aid their development of some internal tools,” IntelBroker writes in a message on BreachForums.
IntelBroker claims he and threat actor EnergyWeaponUser were able to lay their hands on login credentials and Nokia’s source code, including SSH keys, RSA keys, Bitbucket logins, SMTP accounts, Webhooks, and hardcoded credentials.
To validate his claim, IntelBroker uploaded a file tree to the hacking forum, showcasing various files and folders apparently related to Nokia’s internal operations.
The hacker told Hackread the collection went up for sale for $20,000. Only high-ranking members with at least God rank are allowed to inquire and bid.
In a statement, Nokia says it’s aware of the potential data breach and has launched an investigation to examine the incident, adding there currently is no evidence of any system breaches.
“Nokia is aware of reports that an unauthorized actor has alleged to have gained access to certain third-party contractor data and possibly data of Nokia. Nokia takes this allegation seriously and we are investigating. To date, our investigation has found no evidence that any of our systems or data being impacted. We continue to closely monitor the situation,” a Nokia spokesperson told Hackread and other news outlets.
The attacker has told BleepingComputer that SonarQube is the third party vendor he was able to gain access to, using standard login credentials. There he was able to download Python objects from customers, including those belonging to Nokia.
IntelBroker is a well-known hacker who’s allegedly responsible for data breaches at DC Health Link, AMD, Cisco, T-Mobile, Apple, Hewlett Packard Enterprise (HPE), Home Depot, and the Europol Expert Platform (EPE).
Your email address will not be published. Required fields are marked