OnePlus Security Breach Allowed Attackers To Get Away With User Data

Advertisement
Advertisement

Some unauthorized intruders have managed to undermine OnePlus security again. In an email titled 'Security Notification' sent to customers, the company said that a part of their order information has been exposed.

The good news is that this OnePlus security breach isn't as bad as the 2018 one in which credit card information of around 40,000 customers was stolen. This time around, the attackers weren't able to access the payment information, password, and account of customers, per the company.

However, it believes that the names, contact numbers, emails, and shipping addresses were probably stolen. The company notes that information related to only certain orders was exposed. This means that not all the users were affected. And the vendor informed the impacted users via email.

Advertisement

No Action Required By The Users Impacted By The OnePlus Security Breach

The affected customers aren't required to do anything specific right now other than remaining vigilant. That's because the attackers can potentially use data for spamming and phishing. After all, they have got their hands on valuable information and they can use that to pose as OnePlus. The company further reiterates that it never asks for passwords. Additionally, it urges that customers should enter financial information only on a secure payment page on its or its partners' websites.

OnePlus says that as soon as it found about the breach, it took steps to stop the intruder and reinforced security. The company says there are no similar vulnerabilities on its website at the moment. The manufacturer is also working with authorities to investigate the incident further.

The company is also trying to step up its security. It plans to team up with a world-renowned security platform in December. Additionally, it is also going to launch a bug bounty program by the end of next month.

Advertisement

While that does sound reassuring, there are still a couple of unanswered questions. For instance, the vendor says that it discovered the attack last week. However, it revealed the attack this week only. The cause of the holdup is not clear. Same is the case with the security flaw.

The Company Plans To Take Measures To Improve Security

The company says that its first priority was to resolve the issue and contact the affected users. With those done, the company is now reviewing the case and planning improvement measures for the future. It says it will share more information in the next few days.

While some customers have commended OnePlus for sharing the relevant information, others haven't taken the breach lightly. Some users are also calling upon the company to be more transparent and share things like the duration of the breach and the number of users affected.

Advertisement

OnePlus has seen a surge in popularity in the last few years. The Chinese company is popular for offering feature-packed flagships at attractive prices. However, security is one thing that consumers take very seriously. Hopefully, the manufacturer will take concrete steps to ensure something like this doesn't happen again. We will likely get to hear more about it in the coming days.