Intel Broker hacker claims breach of Nokia internal systems through third-party contractor

The hacker under the alias Intel Broker claims to have accessed Nokia’s internal systems through a breach involving a third-party contractor. The stolen information is being offered for sale on the forum for $20,000.

Intel Broker posted a file tree on BreachForums to substantiate the claim. The hacker alleges that they obtained the data from a contractor closely associated with Nokia’s internal development operations. According to Intel Broker’s posts on BreachForums, the stolen data includes:

• SSH keys,
• RSA keys,
• source code,
• Bitbucket logins,
• SMTP accounts,
• webhooks,
• various hardcoded credentials.

Apparently no customer data was compromised.

Nokia acknowledged the breach claim, stating that they are aware of the reports and are investigating. A spokesperson confirmed Nokia’s active monitoring of the situation and clarified that, to date, there is no evidence of unauthorized access to Nokia’s systems or data.

Update - as of 6th of November 2024, Nokia reports no evidence of impact on its systems or customer data, while it continues to monitor and investigate the situation.

As of 8th of November 2024, Nokia confirmed the breach. The company claims that no critical Nokia systems or data were compromised, with company source code, corporate software, and encryption keys remaining secure. Additionally, customer data and networks are claimed to be unaffected by the incident. The investigation revealed that the leaked source code belonged to a third-party application with very limited scope, designed for a specific client network and described as end-of-life.