Nothing data leak: Company confirms ‘vulnerability’ affecting community member data. Here's what was compromised
Nothing Ear, Ear (a) launched in India: Details on price, playtime, features and more Reportedly, the data relating to Nothing community members was spotted via a text file-sharing website that included publicly available information like usernames, display names, join dates, comment counts, last-seen information, forum profile permissions and more. However, the report also states that the data dump also included data that isn't in the public domain, including email addresses linked to community member profiles and profile suspension fields.
Nothing admitted the issue in a statement shared with LiveMint but stated that the ‘vulnerability’ only affected email addresses belonging to community members and no personal information like passwords, names or payment information was compromised. "In December 2022, Nothing discovered a vulnerability, which impacted email addresses belonging to community members at the time.
No names, personal addresses, passwords, or payment information were compromised. Upon this discovery nearly a year and half ago, Nothing took immediate action to remedy the situation and bolster its security features." Nothing said in its statement.
Also Read | Nothing Phone (2a) receives fresh improvements with Nothing OS 2.5.5 update: How to update your device Nothing, however, did not share details on exactly how this information ended up getting leaked online. The Android Authority report does speculate that the data leak may have occurred due to an exposed API, or it could be an export file from the Nothing Community forum management software.
Read more on livemint.com
