A claim made by the hacker known as IntelBroker on the BreachForums criminal marketplace has sparked concerns about a potential breach of Nokia’s data. The hacker alleged to have stolen a significant amount of Nokia’s source code and internal credentials during a hack on a third-party contractor associated with Nokia’s internal tools development. The stolen data was offered for sale, with an asking price of $20,000.
IntelBroker reportedly disclosed to Bleeping Computer that the stolen data includes secure shell protocol keys, RSA encryption keys, BitBucket logins, Simple Mail Transfer Protocol accounts, webhooks, and hardcoded credentials. The breach was said to have been enabled by gaining access to a third-party server using default credentials.
Despite these claims, Nokia has issued a statement denying any evidence of a data breach affecting its systems or data. The company stated that it is aware of the reports but emphasized that its investigation has not found any indication of impact on its systems or data. Nokia continues to monitor the situation closely.
Cybersecurity experts, such as Jim Routh, chief trust officer at Saviynt, have weighed in on the situation, expressing surprise at the alleged breach. Routh questioned why a third party would have access to Nokia’s source code and speculated that the hacker may have exploited a software engineer involved in an internal project. The investigation into the alleged data breach is ongoing, and more information is expected to emerge over time.
As the story continues to develop, it is crucial for Nokia to maintain vigilance and ensure the integrity of its systems and data. Cybersecurity threats are constantly evolving, and companies must take proactive measures to protect their assets from unauthorized access and potential breaches. Stay tuned for updates on this evolving situation as more details come to light.