Published: Fri, March 22, 2019
Electronics | By Kelly Massey

HMD Global Under Investigation For Allegedly Transmitting Sensitive Data To China

HMD Global Under Investigation For Allegedly Transmitting Sensitive Data To China

Finland's data protection ombudsman said on Thursday he would investigate whether there was any data breach by Nokia-branded phones after Norway's public broadcaster reported that it had proof the mobiles had sent data to China.

NRKbeta's investigation found the Nokia 7 Plus was sending the IMEI, MAC ID, and the SIM ICCID, all of which are unique hardware or SIM card identifiers that could be used to track an individual. To his surprise, the device was sending unencrypted information to somewhere in China.

The market has been rife with speculations about some China-based Android phones sending data back to the mothership.

'The data was never processed and no personal information was shared with third parties or authorities, ' it said.

For its part, HMD Global says the issue was isolated to a batch of Nokia 7 handsets, which were only ever created to be sold in China.

The manufacturer of the Nokia 7 Plus admitted a software error caused the device to send location information and serial numbers to a "foreign server". HMD's claim here is a bit unusual, considering the entire point of "activation data" is to identify someone so they can be billed for cellular access. The server has been discovered to be owned by the state-owned China Telecoms telecommunication company.

New Zealand's Prime Minister Bans 'Military Style' Weapons, Orders Mandatory Buybacks
It also extends to accessories used to convert guns into what the government called "military-style" weapons. Ardern said it would be followed by a complete ban on the weapons after new laws are rushed through.

The company's spokesperson did not respond to requests to say how many phones are in "a small batch" or to confirm the software was intended for phone activation in China.

HMD Global - the maker of the Nokia 7 plus was contacted and has owned up to the issue at hand, saying the issue affected only a "single batch" of phones.

HMD Global, the company that took over the Nokia brand from Microsoft, is now being scrutinized by the Data Inspectorate of Finland.

HMD also states, "this has now been fixed and nearly any device affected by this error has now installed the update".

Just fixing the issue probably won't be the end of this situation, though.

Finland's data protection ombudsman told Reuters he would assess whether any breaches involved "personal information and if there has been a legal justification for this". HMD Global takes the security and privacy of its consumers seriously.

Like this: