Nokia has temporarily shut down its developer forums as a security measure after a hacker gained access to users’ records.
“During our ongoing investigation of the incident we have discovered that a database table containing developer forum members’ email addresses has been accessed, by exploiting a vulnerability in the bulletin board software that allowed an SQL Injection attack,” says a message at developer.nokia.com/community, where the forums are normally located.
The compromised database table includes forum members’ email addresses, and in some cases (fewer than 7%, Nokia claims), either birth dates, homepage URL or user names for AIM, ICQ, MSN, Skype or Yahoo. It does not contain passwords or credit card details, and other Nokia accounts aren’t affected.
Nokia claims it has taken down the forums as a precautionary measure while it conducts further investigations. The site should be back online “as soon as possible.”
SQL injection attacks are a common method amongst hackers of gaining unauthorized access to data. In recent months, we’ve seen several high-profile attacks conducted with this method, including an attack on Sony Pictures, when more than a million user accounts were compromised.
More About: developer forums, hack, hacker, Nokia, security breachFor more Tech & Gadgets coverage:Follow Mashable Tech & Gadgets on TwitterBecome a Fan on FacebookSubscribe to the Tech & Gadgets channelDownload our free apps for Android, Mac, iPhone and iPad
Posted on Mon, 29 Aug 2011 15:31:33 +0000 at http://feeds.mashable.com/~r/Mashable/~3/MiYQ2OjwhPc/
Comments: http://mashable.com/2011/08/29/nokia-shut-down-developer-forums/#comments
“During our ongoing investigation of the incident we have discovered that a database table containing developer forum members’ email addresses has been accessed, by exploiting a vulnerability in the bulletin board software that allowed an SQL Injection attack,” says a message at developer.nokia.com/community, where the forums are normally located.
The compromised database table includes forum members’ email addresses, and in some cases (fewer than 7%, Nokia claims), either birth dates, homepage URL or user names for AIM, ICQ, MSN, Skype or Yahoo. It does not contain passwords or credit card details, and other Nokia accounts aren’t affected.
Nokia claims it has taken down the forums as a precautionary measure while it conducts further investigations. The site should be back online “as soon as possible.”
SQL injection attacks are a common method amongst hackers of gaining unauthorized access to data. In recent months, we’ve seen several high-profile attacks conducted with this method, including an attack on Sony Pictures, when more than a million user accounts were compromised.
More About: developer forums, hack, hacker, Nokia, security breachFor more Tech & Gadgets coverage:Follow Mashable Tech & Gadgets on TwitterBecome a Fan on FacebookSubscribe to the Tech & Gadgets channelDownload our free apps for Android, Mac, iPhone and iPad
Posted on Mon, 29 Aug 2011 15:31:33 +0000 at http://feeds.mashable.com/~r/Mashable/~3/MiYQ2OjwhPc/
Comments: http://mashable.com/2011/08/29/nokia-shut-down-developer-forums/#comments
