Andy Rubin apologizes for Essential phone’s customer data leak

Essential Phone founder Andy Rubin has apologized for errors in the company’s customer care functioning that led to sharing of personal information of around 70 customers with other customers.

In a statement posted on Essential’s blog, the Android co-creator said the company “made an error in its customer care function.” It seems a customer service rep used a misconfigured account that sent a single email asking for a photo ID and other identifying info to multiple recipients. As a result, around 70 of them ended up sending sensitive info to “a small group of other customers.”

The fault was stated in a Reddit thread which said that customers who had pre-booked the new Essential phone were asked to share their photo ID for shipping purposes. A photo ID comprising information such as a photograph, address and signature was shared with a group of customers to whom the email was sent.

While the Redditors complained of a possible phishing scam, Andy Rubin apologized for the misconfigured account and said that the account had been disabled.

Notably, Andy Rubin has offered a year’s worth of identity theft protection service through LifeLock and a promise to prevent something similar from happening again. Rubin said the company has already “taken steps internally to add safeguards against this happening again in the future.”