One Plus has not disclosed how many users were affected by data breaches
- An 'unauthorised party' was able to access OnePlus customers' order information and might have stolen users' names, shipping addresses, contact numbers and email IDs.
- If you are one of the affected users, OnePlus has sent an email to registered ID to inform you of the breach.
- The company has not disclosed how many users were affected but claims that the most that can happen is a little more spam in your inbox.
In case you were one of the victims, the company will be notifying you by email.
Last time around, in January 2018, the credit card information of around 40,000 customers was stolen.
OnePlus has not disclosed who many customers were affected this time but claims that all payment information, passwords and accounts are safe — only names, contact numbers, email IDs and shipping addresses 'may have been exposed'.
This means the hacker only has the power to send phishing emails and spam your way. They don't have enough information to hack into your accounts or access any of your financial services.
But, it does put you at risk.
Here's how phishing emails work
Phishing is like carrying out a con — only it's online. Users usually receive an authentic-looking email that seems as though it's from a legitimate company. The email usually asks the recipient to click on a link or provide sensitive information.
So, as a general rule, never provide any sensitive information by clicking on third party links. Not just over emails, but even forwarding links in messages or from secondary websites.
And, whenever you are entering any sensitive information online, always double-check the URL. Better yet, use your own link.
AdvertisementMoreover, activate a plug-in or web tool that can flag off malicious links and warn you before you click on anything risky.
How is OnePlus going to fix this?
"We took immediate steps to stop the intruder and reinforce security, making sure there are no similar vulnerabilities," said OnePlus in a statement.
According to the company, it will be partnering with a 'world-renowned' security platform — ye to be disclosed — next month. And, in collaboration, they will launch an official bug bounty program by the end of December.
Even though the company revealed the data breach on their official company website, they did not report it to CERT-IN — India's nodal agency for cybersecurity — as per the IT Act.
Business Insider has reached out to OnePlus for more information and awaiting their response.
Wipro confirms phishing attack on its system — 11 other companies unknown
WhatsApp data breach hits downloads in its biggest market — opens it up to Telegram and Signal
How to stay safe on WhatsApp and protect your data
Popular on BI
- A 29-year-old woman found a mark on her head and was diagnosed with a fungal infection. It turned out to be invasive skin cancer.
- Elon Musk told his 76-year-old dad Errol to 'keep quiet' in a text message after he said he wasn't proud of his son, report says
- JPMorgan CEO Jamie Dimon told wealthy clients there's a chance the US is heading into 'something worse' than a recession, report says
- Nepotism and termite-like corruption dented India : Modi
- Modi lists five pledges to turn India into a developed country in 25 years
- There will be a major shift in the way Indians shop and consume brands
- Modi remembers Nehru and Sarvarkar in his speech today
- Made-in-India gun used for 1st time for ceremonial salute at Red Fort on Independence Day