Finnish telecommunications equipment manufacturer Nokia is currently conducting an investigation into reports of source code data being posted on a criminal hacking forum. The source code data, allegedly posted by a hacker known as “IntelBroker,” is said to have been obtained through a breach at a third party. This data includes folders named “nokia_admin1” and “nokia_etl_summary-data.”
IntelBroker initially announced on BreachForums that he had obtained the Nokia related source code and was offering it for sale. The collection of data reportedly includes SSH Keys, Source Code, RSA keys, Bitbucket logins, SMTP accounts, Webhooks, and Hardcoded credentials. The hacker later disclosed to Hackread that the asking price for the data was $20,000.
In response to these reports, a Nokia spokesperson acknowledged that the company is aware of the situation and is closely monitoring it. The unauthorized access is alleged to have occurred through a third-party contractor, and there is a possibility that Nokia’s data may have been compromised as well.
The hacker claimed that the data was sourced from Nokia’s third-party service provider SonarQube and that he was able to gain access using a default password. SonarQube has yet to provide a comment on the matter.
It is worth noting that IntelBroker has a history of posting stolen data online. In 2023, he shared data stolen from an online health insurance marketplace used by members of the U.S. Congress. Earlier this year, he posted documents allegedly taken from government contractor Acuity, prompting an investigation by the Department of State.
Incidents like these highlight the growing trend of breaches at major companies through third-party vendors. As corporations strengthen their own cybersecurity defenses, threat actors are increasingly targeting these third parties to gain access to sensitive data. Recent breaches at companies such as AT&T, Ticketmaster, Santander Bank, Advance Auto Parts, and Neiman Marcus have all been linked to attacks on their accounts at cloud-based data warehousing platform Snowflake.
As the investigation into the alleged breach involving Nokia continues, cybersecurity experts emphasize the importance of robust third-party risk management protocols to protect sensitive data and prevent unauthorized access. Stay tuned for further updates on this developing story.