HMD Global clarifies the allegations of data breach from Nokia 7 plus

HMD Global clarifies that Nokia 7 plus devices were affected by the “bug” but no personally identifiable information was transmitted or shared with any third-party. The information sent to a server in China is exactly the same sort of data that is usually sent by any newly activated phone.

A few days ago a Norwegian public broadcaster posted a report that a Nokia 7 Plus phone contacted a particular server in China and transferred sensitive information in the form of a data package. After these alarming accusations from NRK, Finland’s data protection ombudsman Reijo Aarnio took notice of the situation and said that he would investigate the issue and will try to find out whether the breaches involved “personal information” and does Nokia has a legal justification for this or not.

HMD Global at that time denied the claims of data breach and said, that there was no information shared with any third party and that the issue occurred due to a glitch in the software of just one device model and that the company already fixed the issue with an update.

The company has returned again with some more explanation to clarify what exactly happened and that there is no need to worry about data breach of any kind.

The Finnish company started off with an old explanation saying that the problem occurred due to a software problem in one device only and that no such data was processed and assured the Nokia 7 Plus owners that their data is safe. HMD said, “We found that our device activation client meant for our China variant was mistakenly included in the software package of a single batch of Nokia 7 Plus phones that were not intended to be sold in China. Due to this mistake, these devices were erroneously trying to send device activation data to a third-party server”.

The company also said that the error has already been identified and fixed and all the affected devices have received the fix and the issue has been resolved. If you want to find out that your Nokia 7 Plus has received the security fix or not, follow the instructions here.

On the rumors about other Nokia phones sharing similar data with third-party servers, HMD Global said, “We can confirm that this is incorrect speculation and no other Nokia phones are impacted. All device data of Nokia phones other than the China variant is stored at HMD Global’s servers in Singapore provided by Amazon Web Services”.

They further explained, “Data collected from our devices is stored safely in accordance with applicable laws. The device data collection is further explained on our web pages. We encourage our consumers to familiarize themselves with this information and our Privacy Policy that further explains the data collection”.

If you have any other questions regarding this issue, or if you want more information about how the company collect and store data, consult this document.