The biggest smartphone maker OnePlus has disclosed a data breach where several users’ information was “accessed by an unauthorized party.”
The data breach targeted the OnePlus online store as hackers gained access to the customer’s past orders. The information exposed might include customer names, email addresses, contact numbers, and shipping addresses.
However, OnePlus has confirmed in a statement that “payment information, passwords, and accounts are safe.”
How Did The Breach Happen?
In another published FAQ, OnePlus says their security team discovered the data breach last week while monitoring the system.
According to the smartphone maker, hackers might have discovered a vulnerability in the website, allowing them to gather details of OnePlus customers.
“We’ve inspected our website thoroughly to ensure that there are no similar security flaws,” said the company.
The company hasn’t disclosed any additional details like the number of users affected by the breach.
Acknowledging the breach, OnePlus says: “We took immediate steps to stop the intruder and reinforce security, making sure there are no similar vulnerabilities.”
Moreover, a staff member says that impacted users were informed by an e-mail before making the breach public.
OnePlus’ Previous Cases Of Data Breach
This is OnePlus’ second security breach in less than a year. Back in January 2018, the smartphone maker suffered a data breach that affected over 40,000 users.
Following the latest data breach, OnePlus has said that it will be collaborating with world-renowned security experts and will launch a bug bounty program by the end of December.
If OnePlus had taken the decision following the first data breach, users might have been saved from the information theft.