Heimdal
article featured image

Contents:

Nokia is investigating a potential data breach after Serbian hacker IntelBroker claimed to sell the company’s source code.

The attacker said he got the data by breaching one of the telecom giant’s third-party vendor. In his post on BreachForums, he said he had for sale, among others:

  • proprietary Nokia code
  • SSH keys
  • RSA keys
  • BitBucket logins
  • SMTP accounts
  • webhooks

Allegedly, IntelBroker gained initial access to the vendor’s SonarQube server by using default credentials. Thus, he has exfiltrated Nokia’s and other customers’ Python projects.

The attacker was previously involved in a series of high-profile data leaks that impacted DC Health Link, Apple, Hewlett Packard Enterprise, T-Mobile, AMD, etc.

However, for the moment, Nokia has denied finding any evidence of a breach in their systems.

Nokia takes this allegation seriously and we are investigating. To date, our investigation has found no evidence that any of our systems or data being impacted.

Source – TechRadar

How to deal with third party security risks

Verizon’s 2024 Data Breach Investigation Report revealed that 15% of the analyzed breaches involved a third party. Today few successful businesses can cover all their needs in-house. Digitalization made outsourcing easier, but it also opened the gate for a series of threats.

This Guide to Third Party Risk Management can help you navigate easier through this type of cybersecurity challenge.

But there’s another important lesson to learn from this Nokia stolen source code story, if it proves to be true. Unchanged default credentials keep causing security breaches. There might be many reasons for why this is still happening, but I’m going to focus now on the solution.

Automate your privileged access processes. Using a Privileged Account and Session Management solution will solve in the blink of an eye:

If you liked this article, follow us on LinkedIn, Twitter, Facebook, and Youtube, for more cybersecurity news and topics.

Author Profile

Livia Gyongyoși

Communications and PR Officer

Livia Gyongyoși is a Communications and PR Officer within Heimdal®, passionate about cybersecurity. Always interested in being up to date with the latest news regarding this domain, Livia's goal is to keep others informed about best practices and solutions that help avoid cyberattacks.

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE