Hacker “888” leaks personal data of Nokia and Microsoft employees on Breach Forums. Data breaches at third-party contractors exposed contact details, posing identity theft and phishing risks.
A hacker known as “888” has leaked the personal and contact details of thousands of Nokia and Microsoft employees on the notorious cybercrime platform, Breach Forums. According to the hacker, both leaks resulted from data breaches at a third-party contractor, meaning neither Nokia’s nor Microsoft’s servers were breached or accessed directly.
Nokia Employee Data
The Hackread.com research team discovered that “888” leaked a CSV file on Breach Forums. After analyzing the file, it was concluded that it contains personal and business contact data of over 7,258 Nokia employees, including:
- Job title
- Full name
- Company name
- Country and State
- Direct and corporate phone numbers
- 7,258 email addresses, all hosted on @Nokia.com
It is important to note that this is not a global Nokia data breach and does not contain data of all Nokia employees. The data includes information on 7,258 employees based in the US and Finland.
It is also worth noting that as of 2024, Nokia employs approximately 86,900 people globally, with locations including the United States, Ireland, Finland, UAE, India, France, Denmark, Portugal, Tunisia, and the Philippines. Additionally, it remains unclear whether this data is related to current or former employees, though the data ranges between June 2022 and February 2023.
Microsoft Employee Data
On Tuesday, July 9, 2024, Hackread.com’s research team observed “888” announcing another data leak, this time involving Microsoft employees. The total number of individuals impacted by this leak is 2,047. According to the hacker, this breach also stemmed from a third-party contractor. The leaked data includes:
- Job title
- Full name
- City, State, and Country
- Links to LinkedIn profiles
- Company phone number
- Direct and corporate phone numbers
- 2,047 email addresses, all hosted on @Microsoft.com
While no passwords or payment data were included in this leak, the presence of LinkedIn profiles poses a significant risk. State-backed actors and other malicious threat actors can use this information for identity theft, social engineering scams, and phishing attacks against employees. This tactic has proven to be quite successful in recent times, especially given Microsoft’s recent history of being targeted by Russian and Chinese hackers.
Implications and Threats
Although the absence of passwords and payment data might suggest a less severe impact, the potential threats remain substantial. The leaked information can be exploited for various malicious activities, including identity theft and targeted phishing attacks. Both Nokia and Microsoft, as well as their employees, should be alert and take necessary precautions to mitigate these risks.
RELATED TOPICS
- Dell Discloses Data Breach As Hacker Sells 49 Million User Data
- Insurance Giant ‘Globe Life’ Data Breach Impacting Policyholders
- Shadow IT: Personal GitHub Repos Expose Employee Cloud Secrets
- Location Tracker Firm Tile Hit by Data Breach, Internal Tools Accessed
- AMD Data Breach: IntelBroker Claims Theft of Employee and Product Info
