Nokia says hackers leaked third-party app source code

2 weeks ago 18
BOOK THIS SPACE FOR AD
ARTICLE AD

Nokia says hackers leaked third-party app source code

Nokia's investigation of recent claims of a data breach found that the source code leaked on a hacker forum belongs to a third party and company and customer data has not been impacted.

The statement comes in response to threat actor IntelBroker earlier this week releasing data belonging to Nokia, allegedly stolen after breaching a third-party vendor's server.

The hacker tried to sell the data, claiming that it includes SSH keys, source code, RSA keys, BitBucket logins, SMTP accounts, webhooks, and hardcoded credentials, but they decided to leak it after Nokia denied the breach.

IntelBroker's data leak post on BreachForumsIntelBroker's data leak post on BreachForums
Source: BleepingComputer

BleepingComputer contacted Nokia for a comment about the incident and a company spokesperson said that the investigation uncovered a third-party security breach.

"Our investigation has found no evidence of any of our systems or data being impacted. Our investigations point to a 3rd party security incident, related to a single customized software application" - Nokia

IntelBroker previously told BleepingComputer that they breached a third-party vendor via a poorly protected SonarQube server, which allowed the download of files of multiple large companies, Nokia among them.

“We have found no evidence that this 3rd party incident would in any way endanger critical Nokia systems or data, including source code, customized software, or encryption keys. Our customers are in no way impacted, including their data and networks,” the company told BleepingComputer

The leaked source code is for an application not developed by the company, but by a third-party. The app was built to function only in one network, could not function outside it, and does not contain any Nokia code.

Despite having found no risk to its systems or data, the Finnish multinational corporation says that it continues "to closely monitor the situation."

Read Entire Article