Chinese smartphone maker OnePlus has suffered a data breach involving its customers’ order information, the company said in a statement without disclosing how many users have been affected.
Why it matters: The incident is the second time in two years the smartphone maker has suffered a security breach. In January 2018, OnePlus reported that credit card data for up to 40,000 of its users had been stolen.
- The company last year became one of the top five global smartphone brands in the premium bracket, growing off the back of demand for its OnePlus 6T smartphone in India, China, and Eastern Europe, according to Counterpoint Research.
“We have discovered that some of our users’ order information was accessed by an unauthorized party. Impacted users may receive spam and phishing emails as a result of this incident.”
—OnePlus in a statement
Details: OnePlus said that information including customer names, contact numbers, and email and shipping addresses may have been accessed by an “unauthorized party.” The company did not disclose how many users were impacted but said that “payment information, passwords, and accounts are safe.”
- OnePlus downplayed possible effects of the breach, saying its users may receive more spam following the incident.
- The company said it is working with “relevant authorities” to investigate the incident.
- OnePlus will partner with a “world-renowned security platform” and set up a bug bounty platform to prevent incidents of this sort in the future.
- However, citing the company’s 2018 breach, several users said the company should have done more to secure their data.
- OnePlus has sent emails to users affected by the breach to inform them that their information may have been compromised, the company said.
Context: In 2018, OnePlus reported that it had been attacked and around 40,000 users had their credit card information compromised. The company then temporarily shut down credit card payments on its website.
- Data breaches are of rising concern in China as an increasing number of the country’s residents move online, generating huge amounts of data that could fall victim to malicious attacks.