November 4, 2024 at 06:52PM
Nokia is investigating a claim by hacker IntelBroker, who alleges to sell stolen Nokia source code obtained from a third-party vendor. While Nokia has found no evidence of a breach in its own systems, it is monitoring the situation closely. IntelBroker has a history of compromising multiple companies.
### Meeting Takeaways
1. **Investigation of Data Breach**: Nokia is conducting an investigation to confirm if a third-party vendor has been breached, following claims from a hacker that they are in possession of Nokia’s stolen source code.
2. **Company Statement**: Nokia has publicly acknowledged the allegations and stated that, as of now, their investigation has found no direct evidence of impact on their systems or data.
3. **Hacker Involvement**: The hacker, known as IntelBroker, claims to be selling various stolen data from Nokia related to source code and critical credentials, reportedly obtained through unauthorized access to a third-party contractor’s server.
4. **Details of Stolen Data**: Allegedly stolen data includes:
– SSH keys
– Source code
– RSA keys
– BitBucket logins
– SMTP accounts
– Webhooks
– Hardcoded credentials
5. **Method of Breach**: IntelBroker accessed the third-party vendor’s SonarQube server by exploiting default credentials, thereby downloading customer projects – including those linked to Nokia.
6. **Previous Incidents Linked to IntelBroker**: IntelBroker has a history of cybersecurity breaches, including incidents involving:
– DC Health Link
– Hewlett Packard Enterprise (HPE)
– Weee! grocery service
– Data leaks from T-Mobile, AMD, and Apple through a third-party SaaS vendor.
7. **Awaiting Confirmation**: BleepingComputer has reached out to Nokia to verify if the shared file tree belongs to them, but no response has been received as of now.
8. **Continued Monitoring**: Nokia is committed to closely monitoring the situation as the investigation continues.