The Inquirer-Home

Nokia suspends developer web site after attack

Users' details were compromised
Tue Aug 30 2011, 10:37

FINNISH PHONE MAKER Nokia has suspended its developer forum after discovering that a recent attack had compromised users' personal details.

Nokia said in a statement that its developer forum at will be suspended until "further investigations and security assessments were complete". It admitted that users' data including email addresses and dates of birth for those who posted them on their profiles had been compromised.

Information such as passwords and credit card details are safe, and Nokia thinks the biggest risk from the breach is an increase in unsolicited email.

Nokia said, "After further detailed investigations, we identified security flaws on the forums discussion website, which enabled a database table containing developer forum members' records to be accessed.

"The records include members' email addresses and, for fewer than 7 [per cent] who chose to include them in their public profile, either birth dates, homepage URL or usernames for AIM, ICQ, MSN, Skype or Yahoo.

"However, they do not contain sensitive information such as passwords or credit card details and so we do not believe the security of forum members' accounts is at risk. Though we have no evidence of any misuse, we believe the potential risk is an increase in unsolicited email."

Nokia at first thought the original attack on 22 August was not a big concern. Indian Hacker pr0tect0r AKA mrNRG wrote on Nokia's web site, "LOL, Worlds number 1 mobile company but not spending a dime for a server security! FFS patch your security holes otherwise you will be just another antisec victim. No Dumping, No Leaking!!"

It seems things potentially could be worse than Nokia thought. µ


Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

INQ Poll

Happy new year!

What tech are you most looking forward to in 2015