Nortel Breach Started in 2000

Hackers Accessed Sensitive Company Information
Nortel Breach Started in 2000

Nortel Networks Ltd. has been the victim of a hacking campaign for more than a decade. The breach gave attackers access to Nortel's corporate computer network and sensitive company information, according to news reports.

See Also: The Guide to Just-In-Time Privileged Access Management

Since as far back as 2000, hackers appearing to come from China have had access to the telecommunications company's network through the use of seven stolen passwords from top Nortel executives, including the chief executive, according to the Wall Street Journal.

Using the stolen log-in credentials, hackers were able to download technical papers, research-and-development reports, business plans, employee e-mails and other documents, Brian Shields, a former Nortel employee who led an internal investigation into the breach, told the newspaper. The company still has not determined how the seven passwords were initially compromised, according to the report.

Nortel could not confirm whether the breach continued after it filed for bankruptcy in 2009, according to news reports. The company is in the process of liquidating its assets.

The breach was first discovered in 2004, after an employee noticed that a top executive was downloading an unusual set of documents, according to Upon investigation, an internal team at Nortel was able to trace the activity to China-based IP addresses.

The company hasn't released a statement on the breach.

Shields claims Nortel's network made it simple for hackers to access information due to lack of controls within the system.

According to the Wall Street Journal's review of the company's internal report, Nortel didn't take any action from a security standpoint once the breach was discovered. Shields stated that six months after the discovery of the breach, the network was still compromised, with computers sending data to Shanghai-based IP addresses. When Shields suggested that further security steps be taken, the company declined, according to eWeek.

Upon his departure from the company in 2009 due to the bankruptcy, Shields found out that a sophisticated form of spyware had been detected on two computers, eWeek reports.

About the Author

Information Security Media Group

Information Security Media Group (ISMG) is the world's largest media company devoted to information security and risk management. Each of its 28 media sites provides relevant education, research and news that is specifically tailored to key vertical sectors including banking, healthcare and the public sector; geographies from North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment and fraud. Its yearly global summit series connects senior security professionals with industry thought leaders to find actionable solutions for pressing cybersecurity challenges.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.