Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Nokia developer forum hacked, still unavailable

Nokia said e-mail addresses of forum members have been accessed

The community section of Nokia's developer site was hacked, and some member's e-mail addresses have been accessed, the mobile phone maker said.

The part of the site has been taken down, and instead delivers a statement from the company about the hack.

Nokia said that during its ongoing investigation of the incident, it discovered that a database table containing e-mail addresses of developer forum members was accessed, by exploiting a vulnerability in the bulletin board software that allowed an SQL injection attack.

"Initially we believed that only a small number of these forum member records had been accessed, but further investigation has identified that the number is significantly larger," the statement said.

Nokia did not specify when the site was hacked, though it is likely to have happened last week, according to some reports.

The database table records includes members' e-mail addresses and, for fewer than 7 percent who chose to include them in their public profile, either birth dates, homepage URL (uniform resource locator) or usernames for AIM, ICQ, MSN, Skype or Yahoo services. Sensitive information such as passwords and credit cards details were not compromised, and the potential fallout of the hack is likely to be limited to unsolicited mail, Nokia said.

After addressing the initial vulnerability, Nokia said it took the developer community website offline as a precautionary measure, while it conducts further investigations and security assessments. The developer community section was still down on Tuesday.

Soon after the hack, visitors to the community pages were taken to a third-party web page containing an image of Homer Simpson, the character from the TV series The Simpsons, and a message, warning the company to patch its security holes, according to reports.

The hack of Nokia's developer site is the latest in a series of hacks of corporate and government web sites. An April hack on Sony's PlayStation Network and Qriocity online services forced Sony to close both networks while it rebuilt cyber defense systems. In all, it took two and a half months for the full resumption of service.

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address is john_ribeiro@idg.com

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: etwork, ICQ, IDG, MSN, Nokia, Skype, Sony, Yahoo
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: data breach, intrusion, Nokia, security
Latest Blog Posts
Whitepapers
  • Seven Steps to Effective Data Governance
    Creating a framework to ensure the confidentiality, quality, and integrity of data – the core meaning of data governance – is essential to meet both internal and external requirements, such as financial reporting, regulatory compliance, and privacy policies. At its best, data governance roots out risk – both business and compliance risk – by increasing oversight. This white paper provides seven steps for taking such an approach, concluding with a real world example, taking an incremental approach using a repeatable framework that is a practical, proven strategy that any size organization can implement to suit their immediate and long-term needs and budget.
    Learn more »
  • Case Study: Keeping information on the move: Clearswift protects Maman, the logistics experts
    Time is money. Every minute a consignment is held up in transit costs money and causes problems. Web and email are mission critical business tools that enable Maman, and their customers, to efficiently collaborate with partners across the globe. Spam, and other web based threats can result in delays that ultimately lead to missed deadlines - keeping the lines of communication open is therefore a key priority for Maman. Read on.
    Learn more »
  • Government Communications 2.0
    The problem with data is that it’s only useful if you share and use it. Equally, the more data we share electronically, the greater the risk of it falling into the wrong hands. Public sector organisations can’t function without legitimately gathering and using personal information about the citizens they are mandated to serve. Technology has made a significant contribution to that process, but has also brought new risks. Read on.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments