Hacker Selling Nokia Data For $20,000, Nokia Says Nothing To See Here

A notorious hacker claims to have gained unauthorized access to sensitive Nokia data and is selling it for $20,000. Here’s what we know so far.

featured-image

In a posting to the notorious BreachForums criminal marketplace, the equally notorious hacker known as IntelBroker has offered data claimed to have been stolen from Nokia for sale. The data, which Intel Broker said includes source code and internal credentials, is alleged to have been stolen during a breach of a third-party contractor. Here’s what we know so far.

The Nokia Data Breach As Claimed By IntelBroker A Nov. 04 posting by IntelBroker, a hacker with a history of selling breached data, to the criminal underground marketplace known as BreachForums made the claim that a “large collection of Nokia source code” had been obtained during a hack on a third-party contractor which “directly worked with Nokia to help aid their development of some internal tools." That posting itself didn’t name a price for the alleged stolen data, instead asking for offers.



However, in a conversation with the HackRead publication, IntelBroker said that the asking price was $20,000. Bleeping Computer, meanwhile, reported that IntelBroker had told the publication that the stolen data includes secure shell protocol keys, source code, RSA encryption keys, BitBucket logins, Simple Mail Transfer Protocol accounts, webhooks and hardcoded credentials. Access, that report said, was gained to an unnamed third-party’s server using default credentials.

Nokia Has Found No Evidence Of A Data Breach A Nokia spokesperson issued a statement denying any evidence that its systems or data had been impacted. “Nokia is aware of reports that an unauthorized actor has alleged to have gained access to certain third-party contractor data and possibly data of Nokia. Nokia takes this allegation seriously and we are investigating.

To date, our investigation has found no evidence that any of our systems or data being impacted. We continue to closely monitor the situation.” Jim Routh, chief trust officer at cybersecurity firm Saviynt, told Dark Reading that the alleged breach was a head-scratcher.

"The head-scratching comes from why a third party has access to Nokia source code," Routh said, adding that it was possible the hacker had exploited a software engineer working on an internal project. This is a developing story and I will update it as more information is confirmed..