© 2024 CoolTechZone - Latest tech news,
product reviews, and analyses.

Nokia confirms hack at third party vendor


Investigation showed that the hacker responsible for the data breach at Nokia has leaked a source code, but it belongs to a third party developer and doesn’t contain any Nokia code.

Last week, a hacker called IntelBroker said he was able to gain access to the corporate network of a third party contractor that directly deals with Nokia.

He claimed he was able to lay his hands on login credentials and Nokia’s source code, including SSH keys, RSA keys, Bitbucket logins, SMTP accounts, Webhooks, and hardcoded credentials.

The threat actor put the data up for sale, asking for $20,000.

“Nokia is aware of reports that an unauthorized actor has alleged to have gained access to certain third-party contractor data and possibly data of Nokia. Nokia takes this allegation seriously and we are investigating. To date, our investigation has found no evidence that any of our systems or data being impacted. We continue to closely monitor the situation,” a Nokia spokesperson told the media.

Since then IntelBroker decided to publish the data he stole.

“Since Nokia have denied that they had their data taken from a 3rd party, the data is now freely available to download,” the hacker said in a statement on X.

“In this breach you will find a lot of Nokia related source code, which they lend out to customers, as you’ll mentions of popular ISP and internet providers mentioned,” he adds in a post on the dark web.

Nokia now confirms that there has been a data breach at a third party vendor, but that the company and customers aren’t in any danger.

“We have found no evidence that this 3rd party incident would in any way endanger critical Nokia systems or data, including source code, customized software, or encryption keys. Our customers are in no way impacted, including their data and networks,” the Finland-based tech company says in a statement to BleepingComputer.

In addition, Nokia says the leaked source code is for an application that was developed by a third party to work only in one network belonging to a Nokia client. Therefore, it doesn’t contain any code from Nokia.

The tech company says it will keep on monitoring the situation closely.


Leave a Reply

Your email address will not be published. Required fields are marked