Nokia Corporation, a prominent Finnish telecommunications and technology company, reportedly fell victim to a data breach. According to reports on BreachForums, a threat actor identified as 888 disclosed that over 7,622 records containing personally identifiable information (PII) of Nokia employees were compromised.  This Nokia data breach, allegedly stemming from a third-party incident, exposed sensitive details such as employees' first and last names, job titles, company names, email addresses, phone numbers, and other pertinent information.

Addressing the Nokia Data Breach Claims

The leaked data, posted by the threat actor with the handle "888," included a sample entry detailing specific employee information. Despite claims linking the breach to LocService (locservice.fr), the exact source of the compromised data remains unconfirmed due to the absence of definitive proof. [caption id="attachment_81104" align="alignnone" width="1915"] Source: Dark Web[/caption] Nokia Corporation, known for its extensive presence in the telecommunications and technology sectors with operations spanning across Europe and the UK, has yet to issue an official statement regarding the incident. This cyberattack on Nokia potentially impacts not only the company's internal operations but also raises concerns about the security of personal information belonging to its employees. The threat actor claimed this Nokia data breach on July 8, 2024, stating “Today I have uploaded Nokia Data for you to download, thanks for reading and enjoy! In July 2024, Nokia suffered a data breach from a third party that exposed 7,622 rows of employees' details”.  Talking about the compromised information in this breach, 888, said the data in this breach includes “First Name, Last Name, Job Title, Company Name, Email, Email Verification Status, Direct Phone Number, Corporate Phone Number, Employees, Industry, Person State, Person Country and Created Time”. The Cyber Express has reached out to Nokia Corporation for further details regarding the incident and any involvement of the threat actor in the alleged breach. However, at the time of writing this, no official statement or response has been received. This leaves the claims and implications of the Nokia data breach unresolved and under investigation. Moreover, the website for Nokia seems to be unaffected by this breach and doesn’t display any immediate sign of the intrusion. The threat actor could have targeted the backend of the website or its databases instead of launching a front-end cyberattack like a DDoS or website defacement. 

A Previous Data Breach Related to Nokia

In 2021, SAC Wireless, a Nokia subsidiary based in the US, suffered a data breach due to a ransomware attack by Conti operators. The attack compromised SAC Wireless' network, leading to data theft and system encryption. The breach was detected on June 16 when Conti ransomware encrypted SAC Wireless' systems. A subsequent forensic investigation, conducted with external cybersecurity experts, confirmed on August 13, 2021, that the personal information of current and former employees, and their dependents or beneficiaries under health plans, was compromised. Affected data included names, dates of birth, contact details (addresses, emails, phone numbers), government IDs (driver’s licenses, passports), social security numbers, work information (titles, salaries), medical histories, health insurance details, license plate numbers, digital signatures, marriage or birth certificates, tax information, and dependent/beneficiary names. To prevent future breaches, SAC Wireless immediately implemented measures such as changing firewall rules, disconnecting VPNs, implementing geo-location restrictions, enhancing employee training, deploying additional monitoring tools, expanding multi-factor authentication, and improving threat detection and response capabilities. As for the current Nokia data breach claims, this is an ongoing story and The Cyber Express will be closely monitoring the situation and we’ll update this post once we have more information on the alleged breach or any official confirmation from Nokia.  Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.