Myce.com Latest Updates

Nokia’s official developer forum hacked, personal data compromised

Posted at 29 August 2011 19:48 CEST by Justin_Massoud

Nokia has confirmed it recently suffered an online security breach. The company believes the attack was relegated to a single developer’s forum, and has taken it offline until further notice. It warned that some personal data may have been lifted, but clarified that credit card numbers and passwords were not compromised.

The Nokia Developer website team issued the following statement about the attack:

You may have seen reports or received an email from us regarding a recent security breach on this developer.nokia.com/community discussion forum.

During our ongoing investigation of the incident we have discovered that a database table containing developer forum members’ email addresses has been accessed, by exploiting a vulnerability in the bulletin board software that allowed an SQL Injection attack. Initially we believed that only a small number of these forum member records had been accessed, but further investigation has identified that the number is significantly larger.

The database table records includes members’ email addresses and, for fewer than 7% who chose to include them in their public profile, either birth dates, homepage URL or usernames for AIM, ICQ, MSN, Skype or Yahoo. However, they do not contain sensitive information such as passwords or credit card details and so we do not believe the security of forum members’ accounts is at risk. Other Nokia accounts are not affected.

We are not aware of any misuse of the accessed data, but we are communicating with affected forum members, though we believe the only potential impact to them may be unsolicited email. Nokia apologizes for this incident.

Though the initial vulnerability was addressed immediately, we have now taken the developer community website offline as a precautionary measure, while we conduct further investigations and security assessments. We hope to get the site back online as soon as possible and will post developments here in the meantime.

If you have any questions on this, please contact Nokia.developer-discussions-support@nokia.com.

The suspected hacker, pr0tect0r, left a calling card according to Sophos’ Naked Security blog. Upon log-in attempts, users were redirected to a picture of Homer Simpson making his trademark “D’oh!” expression. The image was accompanied by a curt proclamation: “Owned by pr0tect0r AKA mrNRG.”

Pr0tect0r, who is purportedly based in India, implied Nokia had less-than-stellar cyber security. “Worlds number 1 mobile company but not spending a dime for server security! FFS patch you security holes otherwise you will be just another antisec victim,” he taunted. The end of his message included the phrase “no dumping, no leaking,” which implies that attack was more about proving a point than causing damage.

AntiSec is a collaboration between hacker groups Anonymous and Lulz Sec that targets online security companies, government sites and commercial entities. After its June launch, the duo leaked confidential documents related to the Arizona police department, including officers’ names, addresses and phone numbers. Last month the operation targeted Apple, leaking over 20 admins’ user names and passwords.

The Nokia Developer discussion board and other community features are still offline as of press time. This post will be updated should any new information be uncovered.

Click for more news

piracymobile phonessoftware

Click to share

There are 0 comments

Post your comment

You need to register before you can comment

Like us

Most popular headlines

TuneIn radio app update disappoints many users - requires social login

The popular mobile radio app TuneIn receives a lot of negative comments after th...

Xbox One owners complain about "horrible noise" coming from console

Xbox One owners complain about noise coming out of their game console. The issue...

Leaked Windows 9 screenshots clearly show new Start menu and more

Several German websites have been provided with new screenshots of Windows 9. Th...

Kingston HyperX 3.0 64GB USB3 Flash drive review - Speed, build quality and great looks

  • Mon 15 Sep 01:09 by Vroom

Review: Kingston DT HyperX 3.0 64GB Reviewed by: Antonis Sapanidis P...

Organisation reveals Ultra HD logo - requires HDMI 2.0 and HDCP 2.2

Digital Europe, the organisation representing the European technology industry h...

See all headlines

Community Activities

Follow Myce.com