Chinese smartphone vendor OnePlus discloses a new data breach

Chinese smartphone vendor OnePlus has suffered a new data breach, according to a company’s notice hackers accessed customers’ order information.

OnePlus disclosed a data breach, an “unauthorized party” accessed some customers’ order information, including names, contact numbers, emails, and shipping addresses.

“We want to update you that we have discovered that some of our users’ order information was accessed by an unauthorized party.” reads the statement published by the company. “We can confirm that all payment information, passwords and accounts are safe, but certain users’ name, contact number, email and shipping address may have been exposed. Impacted users may receive spam and phishing emails as a result of this incident.”

The company said that it took immediate measures to lock out the attackers and reinforce security. OnePlus notifies impacted users by email and reported the incident to the relevant authorities, an investigation is still ongoing.

OnePlus discovered the breach last week while monitoring its systems.

“Last week while monitoring our systems, our security team discovered that some of our users’ order information was accessed by an unauthorized party,” the company said. ” We can confirm that all payment information, passwords and accounts are safe, but the name, contact number, email and shipping address in certain orders may have been exposed.”

OnePlus pointed out that not all customers were affected and that the attackers were not able to access financial information and, passwords, and associated accounts.

At the time of writing the company did not reveal details of the attack and the vulnerability exploited by the attackers.

The good news is that the company decided to launch an official bug bounty program by the end of December 2019.

“We’ve inspected our website thoroughly to ensure that there are no similar security flaws. We are continually upgrading our security program – we are partnering with a world-renowned security platform next month, and will launch an official bug bounty program by the end of December. ” concludes the company’s statement.

Anyway, let me suggest to change your OnePlus account password and to remain vigilant on suspicious and unsolicited emails that could attempt to trick you into revealing your credit card data or other sensitive data.

Early 2018, OnePlus disclosed another security breach that affected its online payment system. At the time, hackers stole credit card information belonging to up to 40,000 customers.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – OnePlus, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]