The smartphone brand OnePlus has recently made it to the news owing to a cybersecurity incident. As revealed by the firm itself, OnePlus suffered a data breach exposing users’ information to hackers.
OnePlus Discloses Data Breach
Reportedly, the smartphone brand OnePlus has recently suffered a cyber attack. The firm has revealed the unfortunate incident via emails to customers. OnePlus also shared the details of the data breach via a dedicated notice.
As revealed, last week, the firm noticed unauthorized access to their data containing customers’ information. Investigating the matter further revealed a security breach.
Specifically, the attackers gained access to the data enclosing customers’ order details. Though the incident did not expose the financial data of the customers, it did impact personal information of some users.
According to a staff member from the OnePlus security team,
We can confirm that all payment information, passwords and accounts are safe, but certain users’ name, contact number, email and shipping address may have been exposed.
They also suspect that such exposure of information may risk victims receive phishing and spam emails.
Bug Bounty Program To Launch Soon
Upon noticing the malicious access, the OnePlus team quickly contained the attack. Moreover, they also involved relevant authorities to continue with investigations.
Elaborating their security actions, OnePlus stated,
We took immediate steps to stop the intruder and reinforce security, making sure there are no similar vulnerabilities… Right now, we are working with the relevant authorities to further investigate this incident.
In addition, the team also swiftly informed the users affected during the incident, via emails. However, they have not stated any explicit number of users affected by this breach, in their notice.
We understand that personal information is very important to our users, and all impacted users were notified via email. If you don’t get an email from us today, rest assured that your order information is safe.
They have also announced their decision to partner with a security platform to launch a bug bounty program.
We are partnering with a world-renowned security platform next month, and will launch an official bug bounty program by the end of December.
Perhaps, this comes as a much needed decision from the firm considering that the present incident marks the second breach in the brief history of OnePlus. The firm also confessed a security breach in January 2018 which affected 40,000 clients.
Let us know your thoughts in the comments.