Nokia, the global leader in phone production, has announced that its developer forum database was hacked. Member information including emails and dates of birth had also been accessed by the hackers. The breach was made due to “security flaws” in the system, according to Nokia spokesperson Doug Dawson. The hack made use of a SQL injection attack, a viral-like code which uploads to a SQL database for future attacks.
Dawson is quick to point out that no fiscal information was leaked. Speaking about the affected databases, he said “They do not contain sensitive information such as passwords or credit card details and so we do not believe the security of forum members’ accounts is at risk.”
Nokia said that it discovered the hacked database table during its ongoing investigations into the hacking attack. The hacker is believed to be based in India, and is known as “pr0tect0r AKA mrNRG”.
“pr0tect0r AKA mrNRG” left a message revealing that he had attacked the site in order to reveal how unsecure it was:
“LOL, Worlds number 1 mobile company but not spending a dime for a server security! FFS patch your security holes otherwise you will be just another antisec victim. No Dumping, No Leaking!!”
The hacker redirected all users to a third-party website with an image of Homer Simpson and the abovementioned statement. The redirect has been removed and has now been replaced with an official statement from the Nokia development forum.
Nokia has addressed the issue on the website, but the developer section remains offline for now until the security issues have been addressed. The Nokia developer forum hack is just one of many websites which have been the victims of such attacks in recent months. Recent hacking victims include the Sony Playstation Network, the BART rail network in San Francisco and British tabloid, The Sun.