GRAND RAPIDS, Mich. (WOOD) — A cybersecurity firm found cellphone firmware that was collecting personal data without the user’s consent.
Kryptowire, a cybersecurity firm, says the sensitive information was then sent to a third party in China.
Ryan Johnson, co-founder of Kryptowire, told 24 Hour News 8 that the company looked at Android Blu R1 HD cellphones and noticed a set of pre-installed applications in the firmware that would send personal user data to URLs in China. The applications worked in the background without the owner’s consent.
It is unknown why the data, which included texts and call information, is being sent to China.
Kryptowire’s finding raises concerns over data privacy.
The firm did notify the federal government, but at this point there is no telling how widespread this issue is or if any other type of devices are affected.