The company guilty of manufacturing smartphones that violated its users' privacy has vowed to replace the offending software with a Google-approved one.
News of the security breach surfaced in mid-November after security firm Kryptowire determined that the budget Android phones were sending personal data from the user's phone to a company in China.
The devices supposedly sent data every 72 hours. It still isn't clear what the Chinese company did with the data it has gathered or what it needed them for in the first place. The company has claimed the data were mined for advertising purposes but not a few thinks the breach is a way for the Chinese government to gather intelligence.
Several of Blu's handsets were discovered to contain the software responsible for the breach. These are the R1 HD, Energy X Plus 2, Studio Touch, Advance 4.0 L2, Neo XL, and the Energy Diamond. The third party app was installed on these six phones which have sold around 120,000 units in the United States.
Blu is actually an American company founded in 2011 and based in Florida but it has a majority of its phones manufactured in China. Not only was the hardware made in China, the app that caused the invasion of privacy was also from China. Blu insists that it was not behind the breach stating it has proof that the Chinese company "violated [their] request" not to include that functionality in the Blu phones.
Shangai Adups Technology Co. the company that wrote the firmware-updating app claims that the software was not meant for U.S. consumers or on phones sold in the country. It was supposed to be used only for phones made for a particular Chinese manufacturer for the purpose of monitoring the said company's users.
The issue has been a big blow for Blu which depends on online retailers for a majority of its sales. Amazon has prevented the R1 HD from being sold through its site, according to The Verge.
The app has since been self-updated so that the breach of security will no longer occur. Blu has also promised that the software will be replaced with a Google-approved one which it has been doing with its previous devices for a few years now. The company has also signed a contract with Kryptowire allowing the security firm to check all its upcoming phones.