Nokia's developer network hacked

  • Published
Nokia hack announcement page
Image caption,
Nokia's community pages have been temporarily closed and replaced with a company statement

An online community used by developers of Nokia phone apps has been hacked.

The company warned that members' personal information, including dates of birth and email addresses may have been stolen.

Nokia's developer forums have been temporarily shut down while the security breach is investigated.

So far no-one has claimed responsibility for the attack and no compromised information has yet appeared elsewhere on the internet.

In a statement, posted on the community website, Nokia explained how the hackers had managed to gain access.

It said: "A database table containing developer forum members' email addresses has been accessed, by exploiting a vulnerability in the bulletin board software that allowed an SQL Injection attack."

SQL attacks are a common method of breaking a website's security. Typically, hackers will target an open part of the system, such as a log-on screen, and attempt to confuse it by injecting code that it was not designed to cope with.

Nokia did not reveal the scale of the hack, but suggested that it may have been extensive.

"Initially we believed that only a small number of these forum member records had been accessed, but further investigation has identified that the number is significantly larger," said the statement.

The company said that no credit card details had been taken, but warned that additional contact details, such as Skype addresses, may have been stolen.

Wave of hacking

Image caption,
Hacker collective Anonymous denied involvement in the 2011 PlayStation Network hack

Nokia's developer network is the latest in a long line of online communities to be targeted by hackers.

Sony's PlayStation Network was taken out of action for six weeks earlier in 2011 when the accounts of 77 million users were compromised.

In legal documents, Sony stated that it believed the attack to be the work of hacker collective Anonymous. The group has denied any involvement.

LulzSec, a group associated with Anonymous, embarked on a wave of attacks on online communities this year.

Its victims included US broadcaster Fox, Sony Pictures and several online games networks including League of Legends and Eve Online.

Additionally, the group targeted public bodies on both sides of the Atlantic, including the US Senate, FBI and the UK's Serious Organised Crime Agency.

Anonymous and LulzSec are often described as "hacktivists", using hacking to make political points about government activities and information security.