Nokia has issued a warning to developers following the discovery of a data breach on its developer forum service.
The company said that user account information had been harvested in connection with an earlier attack on the Nokia developer discussion forum.
No bank account details or credentials were harvested, but Nokia said that the attacker had accessed user email addresses, and birth dates and instant messaging addresses for some accounts.
"During our ongoing investigation we have discovered that a database table containing developer forum members' email addresses has been accessed by exploiting a vulnerability in the bulletin board software that allowed an SQL injection attack," Nokia said.
"Initially we believed that only a small number of these forum member records had been accessed, but further investigation has identified that the number is significantly larger."
The company has taken its developer discussion site offline while it investigates the incident and patches the vulnerability.
The attack adds Nokia's name to a list of companies that have suffered high-profile breaches in recent months.
Sophos senior technology consultant Graham Cluley said that the Nokia incident underscores the importance of properly securing all web pages and services against attack.
"The forum's suspension is of little consolation for those who were affected by the security breach. They're now going to wonder if they're going to be on the receiving end of spam campaigns, malicious email attacks and phishing expeditions," Cluley noted in a blog post.
"If you run a web site make sure you are doing everything to keep it as secure as possible for your company and your users."
Citrix claims Workspot has 'continued to mislead the market' and use Citrix-patented features
Using proven technology from wireless, coax and ADSL/VDSL communication
Touts crowding genuine fans out of the market, claims government
Users complain they haven't been able to access their accounts or withdraw money