It appears that someone at Google’s Pixel repair center is accessing private user data
When you send in a phone for repair, you shouldn’t have to worry about someone looking through your photos.
When you send your phone in for repairs, you place implicit trust on every person in that chain. The delivery people taking it to the depot, the technicians that eventually work on it to get it working again, and everyone in-between. On two occasions, Google’s Pixel mail-in service center has seemingly broken that trust.
Having our phone break is always upsetting. You could lose photos, documents, or other files. It could even lock you out of some of your accounts if your phone serves as your two-factor authentication key.
In two recent occurrences, it looks like someone at Google’s repair center accessed the accounts of two users and did multiple worrying things on them.
The first report was six days ago on Reddit, and it’s a doozy. Android Police has screenshots of the original text. This guy’s wife broke her Pixel, rendering it unable to turn on. The phone was sent in for repairs, and that’s when the trouble started.
If the post is to be believed, someone at Google’s repair center logged into the woman’s social media and posted nudes they found in the camera roll. They also sent a $5 payment to another account with the wife’s PayPal account. Yikes.
The postings of an anonymous Reddit account are one thing, but what about a public figure?
Game designer and New York Times bestselling author Jane McGonigal had a similar story to tell last week. She sent in her Pixel 5a for repairs, and it “disappeared” after it was delivered to the repair center.
That phone appeared again on Friday night. That is when someone used the phone to access multiple of her online accounts that were secured by two-factor authentication.
The data they were searching for? Seemingly a cheap thrill, with McGonigal saying, “the photos they opened were of me in bathing suits, sports bras, form-fitting dresses, and of stitches after surgery.”
The devices were shipped to the repair center without being wiped because they wouldn’t turn on. However, McGonigal did try to wipe the device using Google’s Find My Device tool, which was apparently unsuccessful.
It doesn’t have to be like this. A previous technician at UBreakIFix says that their policy was to wipe any Google device before a technician could touch it. In addition, Apple has tightened its own repair policies after a student had her privacy invaded by a third-party technician in 2016.
- PSA: Don’t charge your Pixel 6 with a cheap charging cable
- Apple is planning a huge 2022 with new products across the board
- Samsung’s Galaxy S22 is coming – here’s what we know
- Go update your Pixel 6, Google fixed the fingerprint sensor issue