Jimmy Westenberg / Android Authority
- A Twitter user has claimed that her Pixel 5a, which was mailed in for repairs, was stolen.
- The device was apparently used to access her various services in a bid to find nude photos.
- Google has since released a statement on the matter.
Updated: December 8, 2021 (2:04 AM ET): Google has now declared that it conducted a thorough investigation after a game developer mailed in her Pixel 5a for repairs, only for the device to be stolen. This resulted in photos and services on the device being compromised.
“After a thorough investigation, we can say with confidence that the issue impacting the user was not related to the device RMA [return merchandise authorization – ed],” a Google representative told The Verge. “We have worked closely with the user to better understand what occurred and how best to secure the account going forward.”
This still doesn’t explain how and where the Pixel 5a was stolen though, so hopefully we have a better idea of what happened soon.
Original article: December 6, 2021 (2:08 AM ET): Sending your smartphone in for repairs should ordinarily be a no-frills affair. Unfortunately, it seems like one Pixel user has reported that their phone was stolen and their photos and services were compromised after sending it in for mail-in repair.
Game developer and author Jane McGonigal posted a thread on Twitter (h/t: The Verge) detailing her experience after she mailed her Pixel 5a in for repairs. In the initial tweet (seen below), she reports that someone used the phone to log into her Gmail, Google Drive, Google Photos, Dropbox, and other accounts in a bid to find nude photos.
She added that she was unable to factory reset her phone before mailing it in as the device wouldn’t turn on, but that FedEx marked the package as “delivered” to Google’s Texas repair center. Google claimed that it didn’t receive the phone though, and initially charged her for a replacement device that was sent to her. She later received a refund from the search giant.
McGonigal also claimed that she tried to lock and erase the phone but that these measures didn’t work as the phone needed to be on and connected.
“At 3 AM Saturday morning, someone logged into my Gmail and other accounts for which my phone was a trusted device. This includes Dropbox, where the activity log showed them opening lots of photos of me, anything with skin, cleavage, etc (sic),” she wrote. McGonigal added that the malicious actors changed her passwords, set her Gmail account to send security alerts to spam, and trashed security notifications in her backup email account.
More Pixel coverage: Everything you need to know about the Google Pixel 6 series
It seems like this might not be the only case of a Pixel mail-in repair process resulting in photos being leaked. A now-deleted post on Reddit saw a user asking for legal advice after nude photos from their device (sent in for repair to the same center) were purportedly posted online.
In any event, Google told The Verge that it was investigating McGonigal’s claim. This is nevertheless not a pleasant story to hear for consumers, especially when devices are increasingly tough to fix via the DIY route.