NOKIA Developer Discussion Forum Security Breach

The developer.nokia.com/community discussion forum was offline and under maintenance for sometime now, only for Nokia to officially announce that the forum had had a security breach. I quote :

During our ongoing investigation of the incident we have discovered that
 a database table containing developer forum members' email addresses 
has been accessed, by exploiting a vulnerability in the bulletin board 
software that allowed an SQL Injection attack. Initially we believed 
that only a small number of these forum member records had been 
accessed, but further investigation has identified that the number is 
significantly larger.

The database table records includes members’ email addresses and, for 
fewer than 7% who chose to include them in their public profile, either 
birth dates, homepage URL or usernames for AIM, ICQ, MSN, Skype or 
Yahoo. However, they do not contain sensitive information such as 
passwords or credit card details and so we do not believe the security 
of forum members’ accounts is at risk. Other Nokia accounts are not 
affected.

Official announcement can be found here :

http://www.developer.nokia.com/Community/Discussion/content.php



								

Tags:

Comments are closed.