The infamous threat actor IntelBroker, a well-known figure on the BreachForums hacking site, posted an offer to sell a large trove of Nokia's internal data, allegedly obtained through a third-party contractor working directly with the telecom giant.
The data purportedly includes highly sensitive files such as SSH keys, source code, RSA keys, Bitbucket logins, SMTP accounts, webhooks, and even hardcoded credentials, which could pose significant risks to Nokia's operations if verified.
The sale post by
IntelBroker implies that the hacker has extensive access to Nokia's proprietary information, potentially exposing the telecom provider's development tools and infrastructure to malicious actors.
IntelBroker included details of the compromised data and specified that only high-ranking members with a strong reputation on BreachForums are eligible to bid, underscoring the perceived value and exclusivity of the information being offered. A sample “tree file” has also been mentioned as part of the sales pitch, possibly serving as proof of the breach to potential buyers.
CyberInsider
Nokia, a global leader in telecommunications, holds a critical role in networking, 5G infrastructure, and technology services worldwide, with operations spanning over 100 countries. Originally founded in Finland, the company has transformed itself into one of the largest and most influential players in the telecom industry, especially in 5G networking and telecommunications equipment.
Its customer base includes major telecommunications providers, governments, and private enterprises, making the security of its data paramount. A leak of source code and internal security keys could enable attackers to exploit vulnerabilities in Nokia's systems, compromise customer networks, or even tamper with updates and infrastructure—a concerning prospect given Nokia's involvement in critical infrastructure projects globally.
CyberInsider has reached out to Nokia to verify the authenticity of IntelBroker's claims and is currently awaiting a response. As of now, Nokia has not publicly acknowledged the incident, nor has it confirmed whether any of its internal or contractor-related data was exposed.
The threat actor told CyberInsider that the same third-party contractor who exposed Nokia also exposed other firms, including online gambling platforms, an international luxury goods brand, a rewards platform, and an AI-powered healthcare and diagnostics provider. That said, there's a good chance the exposed firms are not aware of the breach and how exactly it impacts them yet.
