The hacker had reportedly done no harm, but only revealed the security flaw. So you should expect that your account info hasn't been stolen but to be 100% safe, you’d better change your password. The hacker left the following comment:
“LOL, Worlds number 1 mobile company but not spending a dime for a server security! FFS patch your security holes otherwise you will be just another antisec victim. No Dumping, No Leaking!!”
Nokia admitted that the attack had taken place and now the website is up and functional. The company is also “evaluating the security practices of websites that are hosted externally,” according to Finnish newspaper Helsingen Sanomat. This basically means that the site was not hosted over at Nokia, but the Finns have rather outsourced the portal to a different company. Hopefully, Nokia’s Ovi Store storing your sensitive credit card credentials is better protected as it’s supposedly hosted by Espoo itself.
Security leaks seem to affect companies more and more, but it’s a bit ironic that Nokia’s devs portals was hit as the company moves to Windows Phone as its main platform and one of its biggest goals is to woo Qt/Symbian programmers to switch to Microsoft’s ecosystem. The company doesn’t have the developer backbone and support of long-time players like Apple and Redmond, but could it manage to change its profile over the couple of months left until the first WP devices roll out? Feel free to share your expectations in the comments below.
source: Helsingen Sanomat via IntoMobile