Nothing Data Breach: Email IDs Of Over 2,000 Community Profiles Leaked, Claims Report; What Company Said

London-based smartphone maker Nothing announced its Nothing Ear and Ear (a) a few days ago. Soon after the event, the company is back in the limelight for an alleged data breach. This comes after the Nothing Chats fiasco, which garnered some bad press for the company. Android Authority said in a report that they were able to locate the information of several Nothing Community profiles on the internet.

Taking note of the issue, Nothing said in a statement that no names, addresses, passwords or payment details were leaked through the vulnerability when it was discovered more than a year ago. It said it took immediate action and implemented safety measures for added security.

Also Read: BoAt Data Breach: Investigation On After Company 'Allegedly' Loses Data Of 7.5 Million Customers; Company Reacts

"In December 2022, Nothing discovered a vulnerability, which impacted email addresses belonging to community members at the time. No names, personal addresses, passwords, or payment information were compromised. Upon this discovery nearly a year and half ago, Nothing took immediate action to remedy the situation and bolster its security features," Nothing told the news outlet.

The report claimed the dump of Nothing Community profiles was located on a text file-sharing site. The data in this dump include usernames, display names, date of joining, number of comments, last-seen, profile permissions and more. Apart from already-public information, the data includes email addresses linked with a forum profile. However, no passwords were spotted in the dump.

Also Read: Nothing Takes Down Nothing Chats From Google Play Store; It Has An 'Encryption' Issue; Know Here

The data dates back to 2022 and the report speculates data of the first 2,250 Nothing Community profiles could be available in the data dump. This also includes the emails of many community managers. The reason for the vulnerability could be an exposed application programming interface (API) or an export file from Nothing forum management software. While passwords were not detected in the dump, Nothing Community members can reset their passwords as a matter of caution.