Skip to main content

Nokia developer forum hacked

strong>Nokia's online Developer Forum found itself the victim on a hack over the weekend.

The phone maker confessed that a database table containing developer forum members' email addresses had been accessed. Attackers exploited a vulnerability in the bulletin board software that allowed an SQL Injection attack.

"Initially we believed that only a small number of these forum member records had been accessed, but further investigation has identified that the number is significantly larger," Nokia said.

Some members (around seven per cent of those signed up, Nokia said) had included either birth dates, homepage URL or usernames for AIM, ICQ, MSN, Skype or Yahoo in their account details, which have also been compromised.

Nokia said it does "not believe the security of forum members’ accounts is at risk.

"We are not aware of any misuse of the accessed data, but we are communicating with affected forum members, though we believe the only potential impact to them may be unsolicited email. Nokia apologizes for this incident."

The forum was taken offline as a precaution.

"Though the initial vulnerability was addressed immediately, we have now taken the developer community website offline as a precautionary measure, while we conduct further investigations and security assessments. We hope to get the site back online as soon as possible and will post developments here in the meantime," Nokia said.