MobileNews

OnePlus notifies customers of security flaw in its online store… again

OnePlus makes killer smartphones, but its security is often questionable. Last year, the company found a severe security issue that exposed credit card information, and now, another security issue in the OnePlus Store is causing the company to send out a “Security Notification.”

An email sent out today to recent OnePlus buyers informs them of a security issue. This “Security Notification” from OnePlus informs customers that an “unauthorized party” was able to access order information from the company’s online store.

OnePlus says that payment information as well as account details were not accessed, but names, addresses, emails, and phone numbers “may” have been exposed. The company says it will continue to investigate the matter, but obviously this is no small issue.

Speaking to , OnePlus says that they took “immediate steps to stop the intruder and reinforce security,” and that they are currently “working with the relevant authorities to further investigate this incident.” OnePlus didn’t explain what went wrong, but they are apparently working to start a bug bounty program by the end of this year.

This isn’t the first time the company’s store has fallen victim to a security issue like this. In early 2018, OnePlus customers found evidence of credit card fraud stemming from the Store that triggered OnePlus to shut down credit card payments temporarily. Just a day later, OnePlus’ investigation into the matter revealed that 40,000 credit card numbers had been exposed.

The full email being sent to customers is below, but for OnePlus’ sake, we hope this is the last security breach like this. OnePlus also has a thread on its forums with more details.

Security Notification

We are reaching out to you directly as we have discovered that part of your order information was accessed by an unauthorized party. We can confirm that your payment information, password, and account are safe, but your name, contact number, email, and shipping address may have been exposed.

We took immediate steps to stop the intruder and reinforce security. Right now, we are working with the relevant authorities to further investigate this incident and protect your data.

We wanted to notify you of this so that you can be alert to people pretending to be OnePlus to get further information from you, or people asking you to buy products or services from them. OnePlus will never ask you for your passwords, and any financial information should only be provided via a secure payment page on the OnePlus website or one of our partners if you are buying products from us.

We are deeply sorry about this, and are committed to doing everything in our power to prevent further such incidents. We will continue to investigate and update you as we learn more. In the meantime, please contact us with any questions or concerns at Customer Support.



Author: Ben Schoon
Source: 9TO5Google

Related posts
AI & RoboticsNews

H2O.ai improves AI agent accuracy with predictive models

AI & RoboticsNews

Microsoft’s AI agents: 4 insights that could reshape the enterprise landscape

AI & RoboticsNews

Nvidia accelerates Google quantum AI design with quantum physics simulation

DefenseNews

Marine Corps F-35C notches first overseas combat strike

Sign up for our Newsletter and
stay informed!