Nothing, the UK-based smartphone brand led by Carl Pei, has confirmed that it had discovered a ‘vulnerability’ that impacted the email addresses belonging to its community members.
Notably, a recent report by Android Authority stated that Nothing may have suffered a data breach, which put the data of several community profiles at risk.
However, the report also states that the data dump also included data that isn't in the public domain, including email addresses linked to community member profiles and profile suspension fields.
Nothing admitted the issue in a statement shared with LiveMint, but stated that the ‘vulnerability’ only affected email addresses belonging to community members.
"In December 2022, Nothing discovered a vulnerability, which impacted email addresses belonging to community members at the time.
Nothing, the UK-based smartphone brand led by Carl Pei, has confirmed that it had discovered a ‘vulnerability’ that impacted the email addresses belonging to its community members. Notably, a recent report by Android Authority stated that Nothing may have suffered a data breach, which put the data of several community profiles at risk.
Also Read | Nothing Ear, Ear (a) launched in India: Details on price, playtime, features and more
The data relating to Nothing community members was spotted via a text file-sharing website that included publicly available information like usernames, display names, join dates, comment counts, last-seen information, forum profile permissions, and more. However, the report also states that the data dump also included data that isn't in the public domain, including email addresses linked to community member profiles and profile suspension fields.
Nothing admitted the issue in a statement shared with LiveMint, but stated that the ‘vulnerability’ only affected email addresses belonging to community members. No personal information like passwords, names or payment information was compromised, it said.
"In December 2022, Nothing discovered a vulnerability, which impacted email addresses belonging to community members at the time. No names, personal addresses, passwords, or payment information were compromised. Upon this discovery nearly a year and half ago, Nothing took immediate action to remedy the situation and bolster its security features," Nothing said in its statement.
Also Read | Nothing Phone (2a) receives fresh improvements with Nothing OS 2.5.5 update: How to update your device
Nothing, however, did not share details on exactly how this information was leaked online. The Android Authority report does speculate that the data leak may have occurred due to an exposed API, or it could be an export file from the Nothing Community forum management software.
In other Nothing-related news, the smartphone maker rolled out Nothing Os 2.5.5 to Nothing Phone (2) users, which allows them to start up a voice conversation with ChatGPT. The new update also rolls out ChatGPT widgets, that help users launch different modes of the chatbot from the home screen.
Milestone Alert! Livemint tops charts as the fastest growing news website in the world 🌏 Click here to know more.
Unlock a world of Benefits! From insightful newsletters to real-time stock tracking, breaking news and a personalized newsfeed – it's all here, just a click away! Login Now!
