Nokia confirms data breach leaked third-party code, but its data is safe

2 weeks ago

(Image credit: Pixabay)

Nokia investigation confirms cyberattack pinch a 3rd party
The institution says its ain information is secure
It will proceed to show nan situation

Nokia has confirmed a recent information breach did so happen, but did not impact its ain soul data.

The telecoms elephantine said it had completed its first investigation into nan incident, confirming that a breach had occured, but that its systems, and data, is intact.

"Our investigation has recovered nary grounds of immoderate of our systems aliases information being impacted. Our investigations constituent to a 3rd statement information incident, related to a azygous customized package application," nan institution told BleepingComputer.

End of life

An infamous information leaker known arsenic IntelBroker precocious posted a caller advertisement connected an underground forum, advertizing a stolen archive apparently containing information from nan telco giant.

The archive was taken from a 3rd party, and was said to incorporate a ample postulation of Nokia root code, pinch nan hacker claiming to person stolen Nokia software, SSH keys, RSA keys, BitBucket logins, SMTP accounts, webhooks and hardcoded credentials.

IntelBroker claims to person breached a third-party vendor via a SonarQube server. There, they downloaded delicate files belonging to aggregate companies, including Nokia.

“We person recovered nary grounds that this 3rd statement incident would successful immoderate measurement endanger captious Nokia systems aliases data, including root code, customized software, aliases encryption keys. Our customers are successful nary measurement impacted, including their information and networks,” Nokia added.

Sign up to nan TechRadar Pro newsletter to get each nan apical news, opinion, features and guidance your business needs to succeed!

The root codification IntelBroker leaked was for an exertion that nan third-party built, for a customer of Nokia’s. It was expected to activity connected only 1 network, and will not activity elsewhere, it was added. No Nokia codification was recovered inside, either.

The institution concluded its connection by saying it was “closely monitoring” nan situation.

IntelBroker is reportedly a Serbian hacker who has been progressive since October 2022, and has a history of high-profile attacks. More than 80 abstracted leaks person been posted to online forums by IntelBroker to date, pinch targets including companies and organizations specified arsenic AMD, Apple, Europol and HPE.

Via BleepingComputer

You mightiness besides like

Cisco investigates breach aft information put up for waste connected BreachForums
Here's a database of nan best firewalls today
These are nan best endpoint protection tools correct now

Sead is simply a seasoned freelance journalist based successful Sarajevo, Bosnia and Herzegovina. He writes astir IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, information breaches, laws and regulations). In his career, spanning much than a decade, he’s written for galore media outlets, including Al Jazeera Balkans. He’s besides held respective modules connected contented penning for Represent Communications.

Source Technology