OnePlus has been hit with yet another security breach. The Chinese company has sent out an email to OnePlus buyers highlighting the security issue and the damage it has done.
OnePlus says that an “unauthorized party” was able to access the company’s online store and data like order information. OnePlus claims that payment information and account details were not exposed. However, other equally private data like names, addresses, emails, and phone numbers have been exposed. Furthermore, OnePlus has assured that it is investigating the issue.
This is Ziv, from the Security team. We want to update you that we have discovered that some of our users’ order information was accessed by an unauthorized party. We can confirm that all payment information, passwords and accounts are safe, but certain users’ name, contact number, email and shipping address may have been exposed. Impacted users may receive spam and phishing emails as a result of this incident.
OnePlus told Droid-Life that they took “immediate steps to stop the intruder and reinforce security.” The company also added that they are “working with the relevant authorities to further investigate this incident.” All said and done, the breach is indeed a big issue and raises some serious questions about OnePlus’s security.
OnePlus has a history with security issues similar to the one discovered now. Back in 2018, OnePlus customers complained of credit card fraud from the store. As an immediate measure, the company stopped accepting credit card payments. Later it was revealed that 40,000 credit card numbers had been leaked. Perhaps this is one of the many reasons why OnePlus is mulling a bug bounty program by the end of this year.