3rd Party Risk Management , Governance & Risk Management , Incident & Breach Response
Hacker Claims to Leak Nokia Source Code
Noka 'Is Aware of Reports'Finnish telecommunications equipment manufacturer Nokia is investigating the alleged posting of source code data on a criminal hacking forum.
A hacker going by the handle of "IntelBroker," who is also the owner of the current iteration of BreachForums, on Thursday posted what he said is a trove of "Nokia-related source code" obtained through a breach at a third party. The data includes folders named "nokia_admin1" and "nokia_etl_summary-data."
IntelBroker initially said in a Tuesday BreachForums post that he was selling the code, describing it as a collection of "SSH Keys, Source Code, RSA keys, Bitbucket logins, SMTP accounts, Webhooks and Hardcoded credentials."
A Nokia spokesperson said the company is "aware of reports that an unauthorized actor has alleged to have gained access to certain third-party contractor data and possibly data of Nokia. We continue to closely monitor the situation."
The hacker told Hackread on Tuesday the price for the data would be $20,000.
The data came from Nokia third-party service provider SonarQube, IntelBroker told Bleeping Computer. The hacker said he used a default password to gain access. SonarQube did not immediately respond to a request for comment.
IntelBroker in 2023 posted online data stolen from an online health insurance marketplace used by members of U.S. Congress, their families and staffers. Earlier this year, he triggered an investigation at the Department of State after posting online documents apparently stolen from government contractor Acuity (see: US State Department Investigating Hacking Claims).
Breaches at major companies through third parties are an increasingly common phenomenon as corporations harden their own cyber defenses. A plethora of blue chip brands including AT&T, Ticketmaster, Santander Bank, automotive parts supplier Advance Auto Parts and luxury retailer Neiman Marcus earlier this year grappled with breaches caused by a series of attacks against their accounts at cloud-based data warehousing platform Snowflake (see: Canadian Cops Bust Suspected Hacker Tied to Snowflake Hits).