If you are a OnePlus user, then here’s some bad news for you. Personal data of many users has been leaked online. In a latest privacy breach, Chinese smartphone maker OnePlus is informing its users about a security breach that allowed ‘unauthorised’ third party to access personal information like name, contact number and email. This was announced by the company via a post on its official forum yesterday.
“We want to update you that we have discovered that some of our users’ order information was accessed by an unauthorized party” read the post. OnePlus says that only the users’ name, contact number, email and shipping address may have been exposed due to the breach. Other sensitive details like “payment information, passwords and accounts are safe” assures the company.
The Chinese firm, however, did not reveal the number of users impacted due to privacy breach. It says that the impacted users “may receive spam and phishing emails as a result of this incident.”
In the forum post, OnePlus says that the company “ took immediate steps to stop the intruder and reinforce security.” It has informed the impacted users by email and is working with the relevant authorities to further investigate the incident, OnePlus added. In a FAQ section below the post, OnePlus assured that it is continually upgrading the security program and will launch an official bug bounty program by the end of December this year.
Notably, this is not the first time that data of OnePlus users has been compromised with. In January 2018, credit card information of about 40,000 OnePlus users globally was leaked due to a security breach. Earlier this year in July, the company was allegedly ‘caught’ leaking data of OnePlus users for years. A major security flaw was discovered in the ‘Shot on OnePlus’ app present in OnePlus phones.
The app is meant for users to upload photos and the best photos are showcased publicly in the app. Then a security flaw in the app’s API was detected that leaked user’s information like name, number and email for years.