"Chen Huang is an independent Taiwanese Security Expert. Session Abstract: In this session Taiwanese Researcher will demonstrate how Xiaomi Phones have been sending device data and personal data of Xiaomi Phone user to Chinese Servers," said the website of Ground Zero Summit.
"The Researcher will also release Server Logs, Mi Account username, Emails and passwords of millions of Xiaomi users which have been obtained using a Zero Day flaw in the Xiaomi Servers," the webpage added.
When contacted, Xiaomi' Head of India Operations Manu Jain said: "We have verified that the zero-day data breach allegation made by security researcher Chen Huang and the Ground Zero Summit organising committee reported by The Hacker News on October 30, 2014 is a hoax."
Jain said that the zero-day vulnerability reported by the cyber security researcher Chen Huang is a deliberate falsehood and Xiaomi is taking the necessary legal action against the parties involved.
Jain in his reply admitted that the company's user account file was leaked in May this year.
He said that leaked information was from user accounts registered before August 2012 in an old version of the Xiaomi user forum website.
Meanwhile, organisers of the summit, which is to be held here next month, said that they have put Cheng's session on hold till the time Xiaomi completes its investigations.
"Xiaomi representatives contacted and requested us regarding the session. We have decided to withhold session till the time Xiaomi investigates data breach and accusations and works with the researcher to fix it," Indian Infosec Consortium CEO Jiten Jain said.
Xiaomi entered the Indian market in July through tie-up with e-Commerce major Flipkart. It is estimated that the firm has sold over 1.5 million devices so far.
Earlier, Indian Air Force had issued an advisory asking its personnel and their families to desist from using Chinese 'Xiaomi Redmi 1s' phones as they are believed to be transferring data to their servers in China and could be a security risk.