Synopsis: Nothing, a UK-based smartphone brand led by Carl Pei, confirmed a vulnerability affecting email addresses of its community members. No personal data beyond email addresses was compromised. The issue, discovered in December 2022, prompted immediate action to enhance security measures.
Introduction:
Nothing, the UK-based smartphone brand led by Carl Pei, has confirmed the discovery of a ‘vulnerability’ that impacted the email addresses belonging to its community members.
Discovery of Vulnerability:
A recent report by Android Authority suggested that Nothing may have suffered a data breach, potentially putting the data of several community profiles at risk. The data, including usernames, display names, join dates, and other profile information, was found on a text file sharing website.
Nothing's Response:
Nothing acknowledged the vulnerability in a statement and clarified that only email addresses belonging to community members were affected. The company emphasized that no personal names, addresses, passwords, or payment information were compromised.
Actions Taken:
The vulnerability was discovered in December 2022, nearly a year and a half ago, and Nothing took immediate action to address it and enhance its security features.
Conclusion:
While the incident highlights a security lapse, Nothing assures its community members that steps have been taken to mitigate the issue and strengthen security measures.
