Nokia hack reveals developer details

The intrusion resulted in the attacker redirecting visitors to the Nokia Developer Community forum to a page berating Nokia for its server security.

A hacker accessed personal details of Nokia developers in an attack on the Nokia Developer site last week, the phone manufacturer has admitted.

The intrusion resulted in the apparent attacker, pr0tect0r AKA mrNRG, redirecting visitors to the Nokia Developer Community forum to a page berating Nokia for its server security. Yesterday, Nokia told forum members that it had originally believed "only a small number" of their records had been accessed, but it had since revised that analysis.

"Further investigation has identified that the number is significantly larger," Nokia said in an e-mail sent to developers, apologizing and explaining that a SQL injection attack had exploited a vulnerability in the bulletin board software. The same statement was also put on a page that is still, at the time of writing, standing in for the Nokia Developer Community site. The company said it had addressed the initial vulnerability, but has taken the developer community Web site offline as a "precautionary measure, while we conduct further investigations and security assessments."

Read more of "Nokia admits developer details leaked in hack" at ZDNet UK.

About the author
 

Join the discussion

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Galleries from CNET
Uber's tumultuous ups and downs in 2014 (photos)
The best and worst quotes of 2014 (pictures)
A roomy range from LG (pictures)
This plain GE range has all of the essentials (pictures)
Sony's 'Interview' heard 'round the world (pictures)
Google Lunar XPrize: Testing Astrobotic's rover on the rocks (pictures)