The Norwegian public broadcaster NRK had reported about an apparent data breach related to the Nokia 7 Plus models. According to Reuters, Nokia’s parent company HMD Global had “admitted that an unspecified number of Nokia 7 Plus phones had sent data to Chinese servers”. HMD Global has now released an official statement explaining what reason behind the issue.
“We have analyzed the case at hand and have found that our device activation client meant for our China variant was mistakenly included in the software package of a single batch of Nokia 7 Plus phones. Due to this mistake, these devices were erroneously trying to send device activation data to a third party server,” said the company in an official statement.
NRK came to be aware of the “data breach” after a Nokia 7 Plus user contacted them to inform that their phone often contacted a particular server, sending data packages in an unencrypted format, said NRK in its report.
As far as the privacy risks are concerned, HMD Global has confirmed that “no personally identifiable information has been shared with any third party.” The company also added that it has already released a security fix for the Nokia 7 Plus. To check for the security fix update, users can go to Settings > System > About Phone > Scroll down to “Build Number”. If the Build Number shows “00WW_3_39B_SP03” or “00WW_3_22C_SP05”, it means the update has already been installed. If the device is not showing for any of the above-mentioned build numbers, then users need to “check for updates”.
Furthermore, HMD Global denied the accusations that Nokia handsets were also sharing similar data with third-party servers. “We can confirm that this is incorrect speculation and no Nokia phones are impacted. All device data of Nokia Phones other than the China variant is stored at HMD Global’s servers in Singapore provided by Amazon Web Services,” said the company.