Hackers breach Nokia developer community
By Tom Brewster,
Nokia's developer website has been hit by an SQL injection attack.
The Finnish mobile firm warned a significant number of members from the mobile giant’s developer community forum had their details accessed.
The site has been taken down as a precautionary measure. The vulnerability exploited to attack the forum has been addressed, Nokia confirmed.
What we think...
Nokia has added to the growing list of tech giants who have been hit by a hack attack this year.
Sony and RSA have already felt the pain of what a data breach means in terms of cost and reputation. Nokia, already in a bedraggled state in the smartphone market, will be hoping the ramifications aren’t so serious.
Tom Brewster, Senior Staff Writer
“During our ongoing investigation of the incident we have discovered that a database table containing developer forum members' email addresses has been accessed, by exploiting a vulnerability in the bulletin board software that allowed an SQL Injection attack,” a post on the developer.nokia.com/community discussion forum read at the time of publication.
“Initially we believed that only a small number of these forum member records had been accessed, but further investigation has identified that the number is significantly larger.”
As for what data could have been swiped by the intruders, Nokia said email addresses were compromised. For a small proportion of users who chose to include such information in their public profile, birth dates and usernames for Web 2.0 sites including MSN, Skype and Yahoo were accessed.
“They do not contain sensitive information such as passwords or credit card details and so we do not believe the security of forum members’ accounts is at risk. Other Nokia accounts are not affected,” Nokia added.
“We are not aware of any misuse of the accessed data, but we are communicating with affected forum members, though we believe the only potential impact to them may be unsolicited email. Nokia apologises for this incident.”
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Security Analysis & Insight
What is your password worth?
Would you be tempted to sell off company passwords for a fee? If not, seems like you're in the minority, acccording to research.
- Macs under attack?
- Intel: security inside
- Are you spending too much on IT security?
- Does the government want to snoop on your data?
- Eurocrats versus the cyber criminals
- The truth about spam
- Google and privacy: What’s the problem?
- Q&A: Symantec’s CISO on the source code hack
- RSA: Back from the breach?
Latest Security Reviews
Check Point 2210 Appliance review
Rating: 
advertisement
Most popular
- UK regulator shuts down Angry Birds scam
- Apple iPad 3 vs iPad 2 head-to-head review
- IBM bans use of Siri on iPhones
- Chromebooks: What's gone wrong?
- HP plans massive job cuts
- EMC World 2012: Tucci declares Documentum is here to stay
- Dell EqualLogic PS6100XS review
- Macs and Android under malware threat
- RIM loses its head of sales
- Local fibre broadband needs common standards
Latest News Videos in Security
IT PRO Podcast: Are UK data protection laws flawed?
PlayWe bring in two experts to talk about the problems with UK data protection law and the way it is managed.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
