A cybercriminal using the name Tsar0Byte has claimed to have breached Nokia’s internal systems through a third-party contractor, raising serious concerns over one of the most significant corporate data exposures the company has faced in recent years. The claim was made on dark web forums, where the attacker alleged that the entry point was a contractor system linked to Nokia’s internal tools.
The threat actor claims to have accessed the internal directory data of more than 94,500 Nokia employees. The stolen information reportedly includes full names, corporate emails, phone numbers, job titles, department links, LinkedIn references, and even identification numbers and organizational hierarchy details. Some internal documents and logs related to external partners were also allegedly compromised.
Cybersecurity professionals warn that this type of data can be misused for targeted phishing attacks, impersonation, and broader social engineering threats that could cause lasting harm.
Nokia has responded by confirming awareness of the claims and has launched an internal investigation. According to the company, there is currently no evidence that their main systems have been compromised. However, they are continuing to monitor the situation closely. This incident follows a previous breach in November 2024, when another hacker, IntelBroker, claimed access through a separate contractor, highlighting ongoing issues in Nokia’s third-party risk management.
Security experts have emphasized that this event reflects a growing trend in cyberattacks targeting vendor access as a way into large organizations. As integration between companies and contractors deepens, the risks of supply chain attacks are increasing across the tech industry.
Experts recommend stronger audits of vendor access, regular assessments of third-party tools, and the use of zero trust security frameworks, which assume that no system or user is automatically trustworthy.
So far, Nokia has not reported any breach of customer data. However, the exposure of sensitive employee information alone could have serious long-term effects if further exploited.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter |The Mainstream formerly known as CIO News Whatsapp Channel | The Mainstream formerly known as CIO News Instagram
About us:
The Mainstream formerly known as CIO News is a premier platform dedicated to delivering latest news, updates, and insights from the tech industry. With its strong foundation of intellectual property and thought leadership, the platform is well-positioned to stay ahead of the curve and lead conversations about how technology shapes our world. From its early days as CIO News to its rebranding as The Mainstream on November 28, 2024, it has been expanding its global reach, targeting key markets in the Middle East & Africa, ASEAN, the USA, and the UK. The Mainstream is a vision to put technology at the center of every conversation, inspiring professionals and organizations to embrace the future of tech.
