Nokia is investigating a potential breach involving a third-party vendor after a hacker claimed to have stolen the company’s source code. “Nokia is aware of reports that an unauthorized actor has alleged to have gained access to certain third-party contractor data and possibly data of Nokia,” a Nokia spokesperson said. “Nokia takes this allegation seriously and we are investigating.
To date, our investigation has found no evidence that any of our systems or data have been impacted. We continue to closely monitor the situation.”
This statement follows a claim from a threat actor known as IntelBroker, who asserted they were selling Nokia source code obtained from a third-party vendor’s server. “Today, I am selling a large collection of Nokia source code, which we got from a 3rd party contractor that directly worked with Nokia to help aid their development of some internal tools,” IntelBroker announced.
Nokia investigates potential data breach
According to the threat actor, the stolen data includes SSH keys, source code, RSA keys, BitBucket logins, SMTP accounts, webhooks, and hardcoded credentials. IntelBroker stated that they accessed the third-party vendor’s SonarQube server using default credentials, which enabled them to download customer Python projects, including those associated with Nokia.
A file tree of the allegedly stolen data was provided to Nokia, but there has not yet been a response. IntelBroker has previously been associated with other significant cybersecurity incidents, including breaches involving numerous companies and sensitive organizations. The hacker gained notoriety after compromising the health care plans of U.S. House members, their staff, and their families.
Recent breaches linked to IntelBroker also include data leaks from various companies, allegedly stolen from a third-party SaaS vendor. For further developments on this ongoing investigation, stay tuned.
