Nothing Data Leak: The morale of cybercriminals is on the rise. Now, even engaging in discussions within any brand’s online community is not without risk. Hackers are capable of stealing users’ personal data from such platforms. A similar incident has occurred with Nothing, a phone company, which has acknowledged a data breach affecting its community members.
Nothing Data Breach: Cyber attacks can occur unexpectedly, sometimes taking years to detect. London-based company Nothing, known for its transparent phones, recently fell victim to a cyber attack, the details of which have now emerged. Its community members were targeted in the attack, resulting in the leak of their data. Nothing has provided clarification on the matter, revealing the extent of the data breach.
Hackers targeted the community platform of Nothing, the manufacturer of Nothing Phone 1, Phone 2, and Phone 2a. Android Authority reported on this data leak, revealing information about many Nothing community profiles. This is how the breach in the Nothing community was discovered.
The Company’s Admission of the Data Leak
According to media reports, Nothing issued a statement confirming the data leak. The company stated that no names, addresses, passwords, or payment details were compromised in the breach, which occurred over a year ago. Immediate action was taken, and security measures were strengthened.
Information That Was Leaked
Nothing detected the breach in December 2022. During this attack, email addresses of community members were exposed, but no names, personal addresses, passwords, or payment details were compromised.
This vulnerability concerning Nothing Community profiles was discovered on a text file-sharing site. The leaked data included details such as usernames, display names, dates of joining the community, number of comments, last seen activity, and profile permissions.
In addition to the data already in the public domain, gender and email addresses were also revealed from the profiles. However, no passwords were compromised.
Were Your Details Stolen?
This attack occurred in 2022, and approximately 2,250 profiles’ email addresses may have been leaked, including those of community managers. If you were part of the community profile at that time, it is advisable to change your password.
This cyber attack could have resulted from an exposed application programming interface (API) or an export file from the Nothing forum management software. If passwords have not been compromised, community members can change their passwords as a precaution.