In a recent development, hackers have claimed to have successfully breached the cybersecurity defenses of the renowned telecommunication giant Nokia. The breach was orchestrated through a third-party contractor associated with Nokia’s internal tool development, allowing the hackers to illicitly obtain sensitive information from the company’s systems. The hacker, identified as Intel Broker, has purportedly accessed a range of critical data, including SSH keys, source code, RSA keys, Bitbucket logins, SMTP accounts, webhooks, and hardcoded credentials. This extensive data collection is currently being offered for sale on the dark web forum BreachForums for a sum of $20,000.

It is important to note that no customer data was compromised in this breach, according to the hacker. However, the stolen internal data poses a significant threat as it could potentially be utilized to infiltrate Nokia’s development environments, manipulate source code, access confidential credentials, and compromise the integrity of the company’s services. The hacker has also shared a file tree outlining various files and folders related to Nokia’s internal operations, serving as proof of the breach’s authenticity.

The method of exploiting vulnerabilities in third-party vendors to gain unauthorized access to a company’s systems is a recurring trend in cybersecurity breaches. Companies often grant vendors extensive access to their networks, creating potential weak points in their security infrastructure. Cybersecurity experts have consistently warned about the risks associated with overlooking the security measures of contractors and partners in safeguarding sensitive information.

Nokia has acknowledged the reports of the breach and assured that they are actively investigating the matter. A spokesperson for the company stated that there is currently no evidence to suggest that Nokia’s systems or data have been compromised. The company is closely monitoring the situation to prevent any further unauthorized access or data breaches.

Intel Broker, the hacker behind the breach, is known for conducting high-profile cyberattacks on various organizations. In the past, the hacker claimed responsibility for breaching companies like Apple Inc. and Advanced Micro Devices, Inc. (AMD), stealing confidential data and internal information. The hacker has a track record of orchestrating data breaches that have garnered attention from cybersecurity experts and law enforcement agencies.

As the investigation into the Nokia breach continues, cybersecurity measures are being reinforced to prevent any potential exploitation of the stolen data. Companies are being urged to enhance their security protocols and vetting procedures for third-party contractors to mitigate the risks of future breaches. The incident serves as a stark reminder of the evolving threats in the digital landscape and the importance of implementing resilient cybersecurity practices to safeguard sensitive information.

Link na izvor