Nokia Probes Company Source Code Theft

5 Nov 2024 1:45 pm GMT+0000 Date Time

Nokia Investigates Stolen Source Code Claims
Nokia has initiated an investigation following reports from the Intelbroker hacker regarding the sale of stolen source code belonging to the company. According to Nokia, an unauthorized individual has alleged access to data belonging to both third parties and potentially Nokia itself. While the company has not yet discovered any indications of compromised systems or data, it is actively monitoring the situation. The incident came to light after Intelbroker claimed to have obtained Nokia source code through a server belonging to a third-party contractor. The hacker stated that the target was a partner involved in the development of internal tools for Nokia. Allegedly, the attacker obtained SSH-keys, source code, RSA-keys, Bitbucket logs, SMTP, webhooks, and hardcoded credentials. Intelbroker revealed that access to the third-party contractor’s SonarQube was gained through standard login credentials, enabling the download of Python projects, which are believed to include Nokia’s development work. While BleepingComputer accessed files related to Nokia’s structure from the hacker’s post, the company is yet to provide an official response. Intelbroker, known for previous high-profile leaks such as the DC Health Link hack and breaches involving Hewlett Packard Enterprise (HPE) and General Electric (GE), has now been linked to incidents involving data leaks from T-Mobile, AMD, and Apple. These leaks are believed to have originated from hacking third-party providers of SaaS services.

Nokia Investigates Stolen Source Code Claims

Nokia has initiated an investigation following reports from the Intelbroker hacker regarding the sale of stolen source code belonging to the company.

According to Nokia, an unauthorized individual has alleged access to data belonging to both third parties and potentially Nokia itself. While the company has not yet discovered any indications of compromised systems or data, it is actively monitoring the situation.

The incident came to light after Intelbroker claimed to have obtained Nokia source code through a server belonging to a third-party contractor. The hacker stated that the target was a partner involved in the development of internal tools for Nokia. Allegedly, the attacker obtained SSH-keys, source code, RSA-keys, Bitbucket logs, SMTP, webhooks, and hardcoded credentials.

Intelbroker revealed that access to the third-party contractor’s SonarQube was gained through standard login credentials, enabling the download of Python projects, which are believed to include Nokia’s development work. While BleepingComputer accessed files related to Nokia’s structure from the hacker’s post, the company is yet to provide an official response.

Intelbroker, known for previous high-profile leaks such as the DC Health Link hack and breaches involving Hewlett Packard Enterprise (HPE) and General Electric (GE), has now been linked to incidents involving data leaks from T-Mobile, AMD, and Apple. These leaks are believed to have originated from hacking third-party providers of SaaS services.

/Reports, release notes, official announcements.