Nokia developer forum hacked, still unavailable

By cxo-research On August 30, 2011 · In News
Nokia said e-mail addresses of forum members have been accessed
By John Ribeiro
IDG News Service (Bangalore Bureau)

BANGALORE
(08/30/2011) – The community section of Nokia’s developer site was hacked, and some members’ e-mail addresses have been accessed, the mobile phone maker said.

The part of the site has been taken down, and instead delivers a statement from the company about the hack.

Nokia said that during its ongoing investigation of the incident, it discovered that a database table containing e-mail addresses of developer forum members was accessed, by exploiting a vulnerability in the bulletin board software that allowed an SQL injection attack.

“Initially we believed that only a small number of these forum member records had been accessed, but further investigation has identified that the number is significantly larger,” the statement said.

Nokia did not specify when the site was hacked, though it is likely to have happened last week, according to some reports.

The database table records includes members’ e-mail addresses and, for fewer than 7 percent who chose to include them in their public profile, either birth dates, homepage URL (uniform resource locator) or usernames for AIM, ICQ, MSN, Skype or Yahoo services. Sensitive information such as passwords and credit cards details were not compromised, and the potential fallout of the hack is likely to be limited to unsolicited mail, Nokia said.

After addressing the initial vulnerability, Nokia said it took the developer community website offline as a precautionary measure, while it conducts further investigations and security assessments. The developer community section was still down on Tuesday.

Soon after the hack, visitors to the community pages were taken to a third-party web page containing an image of Homer Simpson, the character from the TV series The Simpsons, and a message, warning the company to patch its security holes, according to reports.

The hack of Nokia’s developer site is the latest in a series of hacks of corporate and government web sites. An April hack on Sony’s PlayStation Network and Qriocity online services forced Sony to close both networks while it rebuilt cyber defense systems. In all, it took two and a half months for the full resumption of service.
John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John’s e-mail address is john_ribeiro@idg.com

Tagged with:
 
If you enjoyed this article, please consider sharing it!
Reddit Facebook Twitter Delicious Mixx StumbleUpon Digg

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Looking for something?

Use the form below to search the site:


Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Subscribe to CIO Pakistan Videos on Our YouTube Channel!

Gallery

DSC05535.JPG IMG_5406 copy DSC_3327 Symantec 236 DSC_6154 DSC09274 August192009 061 copy.jpg IMG_5402 copy DSC_6041 copy DSC_2558 DSCN1107 DSC_7882 Day2 (29) DSCN0980 DSC_2868 copy DSC08027 Outlook4 copy DSC_0473 copy.jpg DSCN1671 DSCN1008 DSC_5902 DSC00321 session1-12.jpg DSCN1586