Mobile giant Nokia has acknowledged a database used by its online developer community had been hacked, with a significant number of developer forum members’ personal information potentially falling into attackers’ hands. The attack used SQL injection—basically, embedding SQL commands in a form field or another entry point that get executed inappropriately by the database. According to Nokia, personal information like birthdates, email addresses, URLs, and instant messaging handles may have been compromised. However, the company says no passwords or credit card details were compromised, and no other Nokia accounts members may have outside the developer forums would have been effected.
Nokia has taken its developer community offline as a “precautionary measure,” and says it doesn’t know of any misuse of the compromised data—although use of the email addresses by spammers is a likely outcome. According to Nokia, less than seven percent of its developer forum members chose to include information other than their email address in their profiles.
Nokia’s online developer forums are just the latest in a string of online communities to have been compromised by attacks in recent months. The most infamous example to date is Sony’s PlayStation Network, which was offline for six weeks after the accounts of some 77 million members were compromised: the incident cost Sony some $170 million andn an incalculable amount of customer trust and goodwill. Other targets have included game networks like Eve Online, government agencies like the FBI and the UK’s Serious Organized Crime Agency, as well as media outlets like Fox.
- Speed up your older iPhone with these simple tips and tricks
- The Galaxy Tab S8 has renewed my faith in Android tablets
- Editing iMessages on iOS 16 looks like a nightmare when chatting with old iPhones
- Google Chrome on iOS gets 6 new features to take on Safari
- iOS 16: Everything we know about Apple’s next big iPhone update