Latest in Gear

Image credit:

Blu smartphones secretly harvested texts and contacts

The problems affects 120,000 phones, the company says.
388 Shares
Share
Tweet
Share
Save

Sponsored Links

Blu Products, the leading seller of unlocked smartphones in the US, has revealed a serious security problem with a bunch of its products. It says a third-party app called "Wireless Update" has been "collecting unauthorized personal data in the form of text messages, call logs and contacts from customers" on some devices. While the app has been "self-updated" and is no longer siphoning data, Blu advises users to check their phones and call customer service if an older version of the app is still installed.

If you're drawing a blank on Blu, the Florida-based company is actually the largest manufacturer of unlocked cell phones in the US, having sold over 5 million of them in 2015, according to eMarketer. It sells even more in Latin America and elsewhere, with total sales of around 35 million in 40 countries, according to the company. The problem with the app (from a company called Adups) affects around 120,000 phones, the company tells Engadget.

Blu's Advance 5.5 HD is $90 on Amazon

Even though only six models are affected out of dozens sold, the sheer numbers and nature of the breech obviously make it a serious issue. Needless to say, collecting private user and contact info without permission is illegal and could let thieves access passwords or financial data. What's worse, Blu is apparently still using "Wireless Update" as a core OTA app on certain models. We've reached out for more info, but you should check if your phone is affected and contact the company's customer support line if so.

Update: In an email exchange, Blu Products told Engadget that the data breech issue, caused by a third-party app from a firm called Adups, is limited to about 120,000 phones. A spokesperson said it uses the product for OTA updates as it's "the only reputable company that provides this service today." However, she adds that "we are now working with Google to switch to use Google's OTA and servers for future products in the near-term future." The article has been updated to include this information.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
388 Shares
Share
Tweet
Share
Save

Popular on Engadget

Runkeeper drops its Wear OS app due to a 'buggy experience'

Runkeeper drops its Wear OS app due to a 'buggy experience'

View
Drako's GTE electric supercar will be a four-motor, 1,200HP monster

Drako's GTE electric supercar will be a four-motor, 1,200HP monster

View
Nintendo says there is no Switch exchange program

Nintendo says there is no Switch exchange program

View
IKEA creates a business unit devoted to smart home tech

IKEA creates a business unit devoted to smart home tech

View
US will reportedly give Huawei another temporary reprieve

US will reportedly give Huawei another temporary reprieve

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr