Hackers breach Nokia’s developer forum website
Mobile phone major, Nokia has confirmed that an online hacker was able to hack into its developer forum website and also access a database table with user account information.
The company has removed its developer community site from the internet while it investigates the attack, which reportedly exploited a SQL injection vulnerability in Nokia's website to breach security. The hacker may have accessed names, email addresses, and other information belonging to developers of smartphone apps.
The company has issued a statement informing developers that their information was exposed in the attack. "The database table records includes members' email addresses and, for fewer than 7% who chose to include them in their public profile, either birth dates, homepage URL or usernames for AIM, ICQ, MSN, Skype or Yahoo," read an advisory from the company.
The advisory also clarified that the hacker did not access any sensitive information like as passwords or credit card details and thus the forum members are safe. The company also said that other Nokia accounts were not affected in the account.
Engineers at the company have already corrected the venerability which was exploited in the attack but the site remains offline due to a security assessment.