Former rubber boot maker Nokia has shut down an online forum for developers after hackers attacked it.
Nokia killed off its developer forums and replaced them with a company statement warning developers that the “significantly large” hack attack could have compromised personal details.
Registered developers’ email addresses and dates of birth could be in the hands of the hackers. The phone outfit said that it has started a probe into the attack which happened over the weekend.
The Nokia Developer website team said the hackers exploited a vulnerability in the bulletin board software.
It seems that a database table containing developer forum members’ email addresses has been accessed, by exploiting a vulnerability in the bulletin board software that allowed an SQL Injection attack.
It was initially thought that only a small number of these forum member records had been accessed. However it turned out that the numbers were a bit bigger.
Nokia has apologised to users and added that sensitive details such as credit card details and passwords are safe.
The database table records includes members’ email addresses and, for fewer than 7 per cent who chose to include them in their public profile, either birth dates, homepage URL or usernames for AIM, ICQ, MSN, Skype or Yahoo.
Nokia said that it did not think the security of forum members’ accounts is at risk. Other Nokia accounts are not affected.
The outfit is sending out emails to those who it thinks might have been affected and warned them to be aware that the amount of spam they will get in the next few weeks might go up.
The initial vulnerability has been fixed, but the developer community website has been taken offline as a precautionary measure, while Nokia conducts further investigations and security assessments.
No hacker crew has claimed responsibility for the attack.