Nokia says the impact of the recent data leak is very limited, and there is no indication that the cybersecurity incident could have a significant impact on the company or its customers.
On November 4, the notorious hacker known as IntelBroker announced the sale of a “large collection of Nokia source code”, which he claimed to have obtained from a third-party contractor “that directly worked with Nokia to help their development of some internal tools”.
The hacker claimed to have stolen source code, SSH and RSA keys, Bitbucket logins, SMTP accounts, and other credentials.
The tech giant’s initial statement said it had found no evidence of its systems or data being impacted.
On November 7, IntelBroker said he was unhappy with Nokia’s response and decided to make the stolen data available on a popular hacking forum.
“In this breach you will find a lot of Nokia related source code, which they lend out to their customers, as you’ll see mentions of popular ISP and internet providers mentioned,” the hacker said.
In response, Nokia said its investigation found no evidence that any of its systems or data were impacted.
“This was a 3rd party security incident, related to a single customized software application, being used on a single customer network,” Nokia spokesperson told SecurityWeek.
“This software was not developed by Nokia and cannot be used to negatively impact Nokia or its customers. We continue to closely monitor the situation,” the spokesperson added.
While several major companies have confirmed being hacked by IntelBroker in recent years, the hacker has also been known to make exaggerated claims.
Related: Deloitte Says No Threat to Sensitive Data After Hacker Claims Server Breach
Related: Finland to Investigate Suspected Nokia Chinese Data Breach
Related: Nokia-Owned SAC Wireless Discloses Data Breach
Related: Cisco Confirms Security Incident After Hacker Offers to Sell Data