Nokia data breach prompts regulator probe in Finland

data breach, cyber security, nokia

Nokia may be in breach of data laws after a software “glitch” inadvertently directed user data to China without consumer knowledge, reports reveal.

According to Reuters, an investigation was announced on Thursday into whether the data handling of Nokia smartphones, which are developed by Finnish firm, HMD Global, has violated official rules.

HMD Global maintains that personal data has not been sent to any third-parties, but the group admitted that a data software glitch on one batch of handsets had been put right.

Speaking to Reuters, Finland ombudsman, Reijo Aarnio said that the case was being looked into to establish whether breaches took place that involved “personal information and if there has been a legal justification for this.”

A breach linked with the Nokia 7 Plus model, manufactured by HMD Group, was first reported by Norwegian public broadcaster, NRK, last week. The media group said that Nokia had “admitted that an unspecified number of Nokia 7 Plus phones had sent data to the Chinese server.”

Nokia is yet to comment on the matter.

China, and in particularly, Chinese telecoms company Huawei has been in the news recently regarding Western fears that tech giant is used as an overseas spying tool for the Communist government in Beijing.

Huwaei, a competitor of Nokia, denies any involvement of such activity.

NRK has said that it first discovered the incident when an owner of a Nokia 7 plus phone contacted them to say that his phone often sent data in an unencrypted format to a particular data server. HMD Group have not said to whom the server belongs.

The Group told Reuters:

“We can confirm that no personally identifiable information has been shared with any third party [following] an error in software packaging process in a single batch of one device model”.

“Such data was never processed and no person could have been identified based on this data,” HDM added, before claiming that the glitch had been ironed out last month.


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.