Hacker gang claims breach of Nokia through a vulnerable third-party contractor
Learn More
Nokia Corporation, the Finnish telecommunications giant, is investigating claims of a data breach that allegedly exposed sensitive information belonging to over 94,500 employees.
The incident, was claimed by a cybercriminal group identifying as "Tsar0Byte". The hackers allegedly accessed Nokia's internal network through vulnerabilities in a third-party contractor's systems who had access to Nokia's internal networks for tool development purposes.
Security researchers analyzing the incident suggest that Tsar0Byte likely gained initial access via default credentials or misconfigured access controls.
According to claims made by the threat actor, the compromised data includes:
- Full names of employees
- Corporate email addresses
- Phone numbers
- Department information
- Job titles and roles
- Employee identification numbers
- LinkedIn profile traces
- Internal references
- Corporate hierarchies
- Internal documents
- Partner-side logs
The number of affected individuals is reported to be over 94,500 Nokia employees.
Nokia's cybersecurity team has acknowledged awareness of the claims and is conducting an investigation into the alleged breach. Nokia clarified that no evidence of compromise to their primary systems has been found so far. The company continues to monitor the situation closely as investigations proceed.
Nokia has faced a similar claim in November 2024, another threat actor called IntelBroker claimed to have stolen source code and credentials from a different third-party contractor working with the company.
As of the time of reporting, Nokia has not issued a public statement regarding the alleged breach.
