Hack detected in Nokia developer network

Hack detected in Nokia developer network

By Rob Crossley

August 30th 2011 at 10:03AM

Smartphone group shuts down systems

Nokia has closed down its developer network due to an illicit data breach attack on its systems.

Sensitive details of developers from within the network have been accessed, Nokia said. Likely compromised data includes user email addresses and, in less regularity, dates of birth and other personal data such as Skype details.

The developer network has been shut down in response to the breach.

Nokia said the unauthorised access occurred “by exploiting a vulnerability in the bulletin board software that allowed an SQL Injection attack”.

“Initially we believed that only a small number of these forum member records had been accessed, but further investigation has identified that the number is significantly larger,” read a company statement.

At the time of writing, no group has claimed responsibility for the hack, and the leaked data does not appear to have surfaced elsewhere on the net.

Fewer than 7 per cent of the hacked database includes extended information such as birth date data and usernames for AIM, ICQ, MSN, Skype and Yahoo, Nokia said.

Passwords and credit card details are not thought to have been breached, Nokia added, “and we do not believe the security of forum members’ accounts is at risk. Other Nokia accounts are not affected”.

The only potential impact of the breach would be unsolicited email, the smartphone group added.

The Nokia data breach is the latest in a new craze of website hacks. The surge of data breaches were triggered late in 2010, during what was called ‘operation payback’ – when various anonymous hackers attacked the websites of banks who had withdrawn its facilities for the Wikileaks organisation.

At the time, Wikileaks – an anonymous activist website – had published vast amounts of highly confidential and potentially embarrassing correspondence between international diplomats.

The hacking craze accelerated in April when details of more than 100 million PlayStation accounts were compromised.