Hackers stole email addresses, birth dates and instant messaging usernames from a Nokia devloper forum over the weekend.
The forum was pulled offline as a precautionary measure.
Nokia noticed data was stolen from a data table via a SQL injection attack against an undisclosed vulnerability in its bulletin board software.
"Initially we believed that only a small number of these forum member records had been accessed, but further investigation has identified that the number is significantly larger," Nokia said.
It said about 7 percent of developers on the forum had updated their now compromised profiles with birth dates, homepage URLs and usernames for AIM, ICQ, MSN, Skype or Yahoo.
It said passwords and financial data was not compromised. Other Nokia accounts were not affected.
"We are not aware of any misuse of the accessed data, but we are communicating with affected forum members, though we believe the only potential impact to them may be unsolicited email," Nokia said.
The vulnerability was patched.
Copyright © SC Magazine, Australia
Issue: 316 | July 2013
Access CRN's extensive online resources including; email bulletins, community discussions and unique online news.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can log on to the CRN website or start posting comments on articles.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain '@crn.com.au' to your white-listed senders.