Nokia data and source code leak

Updated on 04/11/2024

On November 4th IntelBroker, a malicious actor known to have managed to access and sell information from several multinational companies and organisations, including Apple and Interpol, posted on a forum alleged data belonging to Nokia, accessed through a third party (Vodafone Idea Limited), including SSH and RSA keys, BitBucket login data, SMTP accounts, webhooks, embedded credentials and even source code. This data was for sale for USD 20,000.

As this was a known threat actor, the Nokia and Vodafone Idea Limited cybersecurity teams began an investigation into the incident. Three days later, Nokia denied the stolen data in a statement, although source code belonging to Vodafone Idea Limited was leaked. Although Nokia has found no risk to its systems or data, it continues to monitor the situation closely.