Nokia, a leading telecommunications company, has reportedly suffered a data breach involving critical infrastructure components. Threat actors identifying themselves as "IntelBroker" and "EnergyWeaponUser" have claimed to have gained access to a trove of Nokia's sensitive data, which they are now allegedly selling on the hacker forums.
According to the hackers' claims, the stolen data includes Nokia's source code, Secure Shell (SSH) keys, RSA keys, Bitbucket credentials, SMTP accounts, and hardcoded credentials. This type of information is critical for the secure operation and maintenance of telecommunications infrastructure.
The exposure of the source code could allow cybercriminals to reverse-engineer Nokia's products, potentially uncovering vulnerabilities that could be exploited in future attacks.
The compromise of the SSH and RSA keys, used for secure communication, could enable attackers to impersonate legitimate users or devices, granting them unauthorized access to Nokia's servers and systems.
Additionally, the leaked Bitbucket credentials could provide the hackers with visibility into Nokia's software development history, including security patches and future product plans. The SMTP accounts, if indeed compromised, could be used to launch phishing campaigns or engage in other unauthorized communication within Nokia or with its partners.
In a statement to The Record, Nokia denied the reports of the breach, stating,
"Nokia is aware of reports that an unauthorized actor has alleged to have gained access to certain third-party contractor data and possibly data of Nokia. Nokia takes this allegation seriously and we are investigating. To date, our investigation has found no evidence that any of our systems or data being impacted. We continue to closely monitor the situation."
Cyber Kendra reached out to Nokia for comment but has not yet received a response.
According to a tweet from the Twitter account "@IntCyberDigest," there are also indications that customer data for 4G/5G products of Vodafone Idea Limited (VIL) may have been leaked as part of this breach.
 |
| Source - @IntCyberDigest |
This suggests that the potential impact of the alleged Nokia compromise could extend beyond the company itself, potentially affecting its customers and partners as well.
The emergence of this incident is part of a broader trend of supply chain attacks, where cybercriminals target less secure third-party vendors and service providers to gain access to larger, more well-defended organizations.
Recently, Intel Broker claims a major data breach at Cisco, allegedly stealing source codes, confidential documents, and credentials from global firms like Verizon, AT&T, Microsoft, and more. Data is now for sale on Breach Forums.
As the telecommunications industry continues to play a crucial role in modern infrastructure, the potential consequences of this alleged Nokia breach, if confirmed, could be far-reaching.