- An 'unauthorised party' was able to access OnePlus customers' order information and might have stolen users' names, shipping addresses, contact numbers and email IDs.
- If you are one of the affected users, OnePlus has sent an email to registered ID to inform you of the breach.
- The company has not disclosed how many users were affected but claims that the most that can happen is a little more spam in your inbox.
Two years, two data breaches for OnePlus — but this time around it isn't that serious,
according to the company. The most that can happen is that you'll get extra spam in your inbox, if you're one of the affected users.
In case you were one of the victims, the company will be notifying you by email.
Last time around, in January 2018, the credit card information of around 40,000 customers was stolen.
Transform talent with learning that worksCapability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More OnePlus has not disclosed who many customers were affected this time but claims that all payment information, passwords and accounts are safe — only names, contact numbers, email IDs and shipping addresses 'may have been exposed'.
This means the hacker only has the power to send phishing emails and spam your way. They don't have enough information to hack into your accounts or access any of your financial services.
But, it does put you at risk.
Here's how phishing emails work
Phishing is like carrying out a con — only it's online. Users usually receive an
authentic-looking email that seems as though it's from a
legitimate company. The email usually asks the recipient to click on a link or provide sensitive information.
So, as a general rule, never provide any sensitive information by clicking on third party links. Not just over emails, but even forwarding links in messages or from secondary websites.
And, whenever you are entering any sensitive information online, always double-check the URL. Better yet, use your own link.
Moreover, activate a plug-in or web tool that can
flag off malicious links and warn you before you click on anything risky.
How is OnePlus going to fix this?
"We took immediate steps to stop the intruder and reinforce security, making sure there are no similar vulnerabilities," said OnePlus in a
statement.
According to the company, it will be partnering with a 'world-renowned' security platform — ye to be disclosed — next month. And, in collaboration, they will launch an official bug bounty program by the end of December.
Even though the company revealed the data breach on their official company website, they did not report it to CERT-IN — India's nodal agency for cybersecurity — as per the IT Act.
Business Insider has reached out to OnePlus for more information and awaiting their response.
See also:
Wipro confirms phishing attack on its system — 11 other companies unknownWhatsApp data breach hits downloads in its biggest market — opens it up to Telegram and SignalHow to stay safe on WhatsApp and protect your data
Next Story
I spent 2 weeks in India. A highlight was visiting a small mountain town so beautiful it didn't seem real. 
I quit McKinsey after 1.5 years. I was making over $200k but my mental health was shattered.
Some Tesla factory workers realized they were laid off when security scanned their badges and sent them back on shuttles, sources say
Essential tips for effortlessly renewing your bike insurance policy in 2024
Indian Railways to break record with 9,111 trips to meet travel demand this summer, nearly 3,000 more than in 2023
India's exports to China, UAE, Russia, Singapore rose in 2023-24
A case for investing in Government securities
Top places to visit in Auli in 2024
