One Plus has not disclosed how many users were affected by data breaches
- An 'unauthorised party' was able to access OnePlus customers' order information and might have stolen users' names, shipping addresses, contact numbers and email IDs.
- If you are one of the affected users, OnePlus has sent an email to registered ID to inform you of the breach.
- The company has not disclosed how many users were affected but claims that the most that can happen is a little more spam in your inbox.
In case you were one of the victims, the company will be notifying you by email.
Last time around, in January 2018, the credit card information of around 40,000 customers was stolen.
OnePlus has not disclosed who many customers were affected this time but claims that all payment information, passwords and accounts are safe — only names, contact numbers, email IDs and shipping addresses 'may have been exposed'.
This means the hacker only has the power to send phishing emails and spam your way. They don't have enough information to hack into your accounts or access any of your financial services.
But, it does put you at risk.
Here's how phishing emails work
Phishing is like carrying out a con — only it's online. Users usually receive an authentic-looking email that seems as though it's from a legitimate company. The email usually asks the recipient to click on a link or provide sensitive information.
So, as a general rule, never provide any sensitive information by clicking on third party links. Not just over emails, but even forwarding links in messages or from secondary websites.
And, whenever you are entering any sensitive information online, always double-check the URL. Better yet, use your own link.
AdvertisementMoreover, activate a plug-in or web tool that can flag off malicious links and warn you before you click on anything risky.
How is OnePlus going to fix this?
"We took immediate steps to stop the intruder and reinforce security, making sure there are no similar vulnerabilities," said OnePlus in a statement.
According to the company, it will be partnering with a 'world-renowned' security platform — ye to be disclosed — next month. And, in collaboration, they will launch an official bug bounty program by the end of December.
Even though the company revealed the data breach on their official company website, they did not report it to CERT-IN — India's nodal agency for cybersecurity — as per the IT Act.
Business Insider has reached out to OnePlus for more information and awaiting their response.
Wipro confirms phishing attack on its system — 11 other companies unknown
WhatsApp data breach hits downloads in its biggest market — opens it up to Telegram and Signal
How to stay safe on WhatsApp and protect your data
Popular on BI
- Billionaire investor Mark Mobius says he's been able to get his money out of China, but investing in the country is still a 'dilemma' amid national security laws
- The Carnival cruise passenger who went overboard and remains missing was on his first cruise and it became his 'happy place,' his fiancée said
- My fiancé and I picked out my engagement ring together before he proposed, and I don't regret missing out on the surprise
- Attractiveness of gold depends on US Fed's moves, say analysts
- Coal India’s ₹4,000 crore offer for sale subscribed 4x times
- Nvidia's Jensen Huang started with a $10 million failure before shifting gears to become a $1 trillion company
- Meet the top Nifty50 performers in FY23
- Apple to declare the 12-inch MacBook as obsolete on June 30