Well, hacked – sort of. Apparenlty it is possible to obtain AllFiles capability for your applications by changing a few lines in Nokia Software Update files and flashing your phone, as described here.
For developers that means that with certain amount of effort they will be able to make their life a bit easier and explore previously hidden features of SymbianOS.
For hackers that means that they can access data cages of all applications on a stolen phone (e.g. with Y-Browser with AllFiles capability) and extract passwords from configuration files (e.g. e-mail, IM client, browser, virtually all applications that access internet services and store passwords on the mobile without encryption)
This is the first publicly available evidence of a possibility for 3rd parties to obtain AllFiles and other capabilities available only to phone manufacturers. Symbian Platform Security was considered to be “unbreakable” by far, and technically it still is – the blunder is really on NSU part.