
Nokia's developer network hacked - draegtun
http://www.bbc.co.uk/news/technology-14706810
======
reemrevnivek
The link to Nokia's statement is broken. The correct link is
<http://www.developer.nokia.com/Community/Discussion/>, which will probably
get taken down soon. It reads:

\------------------------------------------------

You may have seen reports or received an email from us regarding a recent
security breach on this developer.nokia.com/community discussion forum.

During our ongoing investigation of the incident we have discovered that a
database table containing developer forum members' email addresses has been
accessed, by exploiting a vulnerability in the bulletin board software that
allowed an SQL Injection attack. Initially we believed that only a small
number of these forum member records had been accessed, but further
investigation has identified that the number is significantly larger.

The database table records includes members’ email addresses and, for fewer
than 7% who chose to include them in their public profile, either birth dates,
homepage URL or usernames for AIM, ICQ, MSN, Skype or Yahoo. However, they do
not contain sensitive information such as passwords or credit card details and
so we do not believe the security of forum members’ accounts is at risk. Other
Nokia accounts are not affected.

We are not aware of any misuse of the accessed data, but we are communicating
with affected forum members, though we believe the only potential impact to
them may be unsolicited email. Nokia apologizes for this incident.

Though the initial vulnerability was addressed immediately, we have now taken
the developer community website offline as a precautionary measure, while we
conduct further investigations and security assessments. We hope to get the
site back online as soon as possible and will post developments here in the
meantime.

If you have any questions on this, please contact Nokia.developer-discussions-
support@nokia.com.

The Nokia Developer website team.

\------------------------------------------------

