Hackers claim to have breached Nokia through a third-party contractor, allegedly stealing SSH keys, source code, and internal credentials. The data is being sold for $20,000 on BreachForums, though no customer data was affected. Nokia has not yet commented on the claim.
A notorious hacker known as Intel Broker has announced a data breach involving the telecommunications giant Nokia. Posting on the infamous cybercrime forum BreachForums, Intel Broker claims to have gained unauthorized access to sensitive Nokia information through a third-party contractor linked to Nokia’s internal tool development.
The hacker claims that no customer information was accessed, but they have obtained critical internal data from Nokia’s systems, which they’re now selling for $20,000.
Details of the Breach
According to Intel Broker’s post, the stolen data includes SSH keys, source code, RSA keys, Bitbucket logins, SMTP accounts, webhooks, and hardcoded credentials. All of these items could potentially enable further unauthorized access to internal systems or facilitate other types of cyber attacks. In an attempt to validate the breach, Intel Broker also shared a file tree, showcasing various files and folders apparently related to Nokia’s internal operations.
In an exclusive conversation with Hackread.com, Interl Broker said that the stolen data collection is up for sale for $20,000, and he is reaching out to prospective buyers on BreachForums. According to the post, only those with high-ranking status and sufficient reputation on the forum are being encouraged to inquire.
The hacker claims to have pulled this data from a contractor working closely with Nokia, rather than Nokia’s own systems directly. This method of breaching systems through third-party vendors has become increasingly common, as vendors are often granted extensive access to the companies they serve. Cybersecurity experts have long warned about this weak point, advising companies to ensure that security standards extend to their contractors and partners.
Potential Impact
While Intel Broker emphasizes that customer data is not included in the breach, the exposure of alleged Nokia’s internal data could still have widespread implications. With access to development environments, source code, and credentials, hackers could potentially tamper with Nokia’s tools or services, or exploit the vulnerabilities in these resources to compromise other systems.
Nokia’s Response
Nokia promptly responded to Hackread.com. In a statement, a Nokia spokesperson confirmed that the company is aware of the reports and is actively investigating. However, they indicated that there is currently no evidence that Nokia’s systems or data have been affected.
“Nokia is aware of reports that an unauthorized actor has alleged to have gained access to certain third-party contractor data and possibly data of Nokia. Nokia takes this allegation seriously and we are investigating. To date, our investigation has found no evidence that any of our systems or data being impacted. We continue to closely monitor the situation.”
Nokia Spokesperson
About Intel Broker
Intel Broker who is also the owner of Breach Forums is known for high-profile data breaches. In June 2024, the hacker claimed to have breached Apple Inc., stealing source code for internal tools. The same hacker boasted about breaching AMD (Advanced Micro Devices, Inc.), and stealing employee and product information.
In May 2024, Intel Broker hacked Europol, a breach that the agency later confirmed. Some of the hacker’s previous data breaches are listed below:
- Tech in Asia
- Space-Eyes
- Home Depot
- Facebook Marketplace
- Staffing giant Robert Half
- U.S. contractor Acuity Inc.
- Los Angeles International Airport
- Alleged breaches of HSBC and Barclays Bank
Although the hacker’s origins and affiliates are unknown, according to the United States government, IntelBroker is alleged to be the perpetrator behind one of the T-Mobile data breaches.