Nokia Investigating Data Breach, IntelBroker Allegedly Selling Source Code


Nokia, the multinational telecommunications company, is currently investigating claims of a significant data breach after a notorious hacker known as IntelBroker announced the sale of allegedly stolen source code and sensitive information.

The hacker, in collaboration with another threat actor called EnergyWeaponUser, claims to have obtained a substantial collection of Nokia’s proprietary data through a third-party contractor directly involved in the company’s internal tool development.

SIEM as a Service

The compromised data reportedly includes SSH keys, source code, RSA keys, Bitbucket credentials, SMTP accounts, webhooks, and hardcoded credentials.

Nokia Investigating Data Breach, IntelBroker Allegedly Selling Source Code
Breach Claim

Nokia Investigating Data Breach

Nokia has acknowledged the situation and released a statement: “Nokia is aware of reports that an unauthorized actor has alleged to have gained access to certain third-party contractor data and possibly data of Nokia. Nokia takes this allegation seriously and we are investigating.

Build an in-house SOC or outsource SOC-as-a-Service -> Calculate Costs

To date, our investigation has found no evidence that any of our systems or data being impacted. We continue to closely monitor the situation”.

The potential breach extends beyond Nokia’s immediate systems. According to cybersecurity news outlet International Cyber Digest, the incident may have affected Nokia’s 4G/5G product data related to Vodafone Idea Limited (VIL), one of India’s largest telecom providers with over 217 million subscribers.

This development raises concerns about the potential impact on critical infrastructure and telecommunications networks in India.

IntelBroker is selling the allegedly stolen data on the cybercrime forum BreachForums for $20,000, accepting cryptocurrency payments.

The hacker claims that no customer information was directly accessed, but the stolen internal data could potentially enable further unauthorized access to Nokia’s systems or facilitate other types of cyberattacks.

This incident highlights the growing trend of supply chain attacks, where cybercriminals target less secure third-party vendors to gain access to larger, more well-defended organizations.

It also underscores the need for enhanced cybersecurity protocols across all levels of development and data handling, especially in critical sectors like telecommunications.

As the investigation continues, the potential consequences of this alleged breach, if confirmed, could be far-reaching. The exposure of source code and internal credentials could lead to reverse engineering of Nokia’s products, potentially uncovering vulnerabilities that could be exploited in future attacks.

The incident serves as a stark reminder for organizations to reassess their third-party risk management strategies and ensure robust cybersecurity practices are in place to protect against both insider threats and external attackers.

Run private, Real-time Malware Analysis in both Windows & Linux VMs. Get a 14-day free trial with ANY.RUN!



Source link