- OnePlus has sent out emails to the affected users
- The manufacturer has also warned users of phishing mails
- OnePlus will be rolling out a bug bounty programme by the end of December
‘One’ of the most popular smartphones brands out there, OnePlus is revered by its users for the features that it ships in its smartphones and the kind of software experience it offers on its devices. However, on a different note, OnePlus has become a victim of a new data breach. Today, the Chinese smartphone manufacturer has announced that its website has suffered a data breach and personal information of some of the users might have been compromised. As per the statement of OnePlus on this matter, the reason for this security breach happens to be a loophole on the OnePlus website. However, with all this being said, OnePlus has not yet announced how many users have been affected by this new data breach on its website.
Personal Information of OnePlus Website Users on Stake
To recall, this is not the first time that OnePlus has suffered a data breach. Last year in January 2018, OnePlus had suffered another data breach which was even more aggressive than the present one as the intruders had stolen credit card information from the OnePlus website. According to the statements from OnePlus, the intruders have not taken any credit card or payment information of the users in this data breach. But, the name, contact information and the shipping address of the users might have been exposed to these hackers as per OnePlus. Since OnePlus has said that the shipping address of the users might be the part of this breach, this tells us that the new breach has been made on the OnePlus online store rather than any other part of its website.
OnePlus Sends Out Mails to Warn Users
To mitigate some of the damage done by the data breach and to warn the users, OnePlus is sending out emails to these users. As per OnePlus, if a user has not received a mail from OnePlus regarding a data breach, then they should be fine. But, in case they have received such a mail about their data being breached on the OnePlus website then they should be aware. In a slightly uncomfortable turn of events, OnePlus has also said that in case the users have received the email from OnePlus about the data breach, then they should be on “the lookout for phishing and scam attempts that might come your way.”
This means that the intruders and hackers, who have stolen the information from the OnePlus website might use it to rollout scams or phishing attacks. Phishing attacks are basically copies of genuine websites which appear to be similar or identical to popular services like Gmail, Facebook or other Bank websites but in reality are designed to make you input your information into a false text field which is designed to steal your information like password, username etc. OnePlus has warned its users to stay wary of such emails, or links.
OnePlus to Roll Out Bug Bounty Programme
Ziv C, OnePlus Security Team Staff Member has remarked about this new data breach, “We want to update you that we have discovered that some of our users’ order information was accessed by an unauthorised party.”
To fix these loopholes and patches, OnePlus has taken the last week to inspect the website thoroughly to ensure that there is no similar loophole which might cause a further breach of data. Also, OnePlus has said that it would partner up with a “world-renowned security platform next month” to make sure that it tightens security on its website and other fronts. Apart from this, OnePlus will also roll out a bug bounty programme by the end of this year which will ensure patching of loopholes on the OnePlus website.
Arpit spends his day closely following the telecom and tech industry. A music connoisseur and a night owl, he also takes a deep interest in the Indian technology start-up scene and spends rest of his time spilling poetry and stories on paper.