Nokia developer forums hacked: 'Significant number' of records stolen

Summary:Nokia's developer online community has been hacked into and defaced.In a statement on the Nokia community pages, which have since been closed amid the hack, the phone giant warns that members' personal information, including dates of birth and email addresses, may have been stolen.

Nokia's developer online community has been hacked into and defaced.

In a statement on the Nokia community pages, which have since been closed amid the hack, the phone giant warns that members' personal information, including dates of birth and email addresses, may have been stolen.

The statement details how database tables containing the personal information were accessed by exploiting a vulnerability in the bulletin board software, through means of "an SQL injection attack".

While Nokia believed that only a small number of records had been accessed, further evidence shows that the number is "significantly larger".

"The database table records includes members’ email addresses and, for fewer than 7% who chose to include them in their public profile, either birth dates, homepage URL or usernames for AIM, ICQ, MSN, Skype or Yahoo.

However, they do not contain sensitive information such as passwords or credit card details and so we do not believe the security of forum members’ accounts is at risk. Other Nokia accounts are not affected."

The site was also defaced by a hacker calling himself "pr0tect0r" AKA mrNRG", redirecting the site to a page with a message calling on Nokia to "patch your security holes otherwise you will be just another antisec [sic] victim".

The message suggests that the hack was a pre-warning message to a wider campaign under the AntiSec (anti-security) movement, but does not rule out that AntiSec hackers were not involved.

Nokia is the latest victim in a long line of attacks by hackers this year.

LulzSec, which disbanded after fifty days of hacking and releasing sensitive data, started the AntiSec movement with hacktivist collective Anonymous, in a bid to expose lax online security of websites and databases.

Earlier this year, the Sony PlayStation Network was taken offline for six weeks, after hackers compromised 77 million total users. Credit card details and other personal information was stolen and published online.

Related content:

Topics: Apps, Nokia, Software Development

About

Zack Whittaker writes for ZDNet, CNET, and CBS News. He is based in New York City.

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.