Today the OnePlus Security Team notified their official OnePlus forum community that a security breach occurred. This breach occurred at some point in the OnePlus store order process, as OnePlus suggests that “some of our users’ order information was accessed by an unauthorized party.” This security breach does not include payment information, passwords, or OnePlus account information.
OnePlus verified that several piece of user information WERE exposed during this breach. As OnePlus Security Team Member Ziv C. said today, “certain users’ name, contact number, email and shipping address may have been exposed.” It does not appear at this time that any other information was exposed during this security breach.
Before this breach was made public, OnePlus sent email notifications to all impacted users. This means that if you were amongst the OnePlus users to have potentially had your personal information exposed, you’ll already have an email in your inbox.
OnePlus officials suggested today that the most likely result of this breach will be “spam and phishing emails” sent to the affected users. As such, it’d be prudent to beware of ALL OnePlus emails in the very near future, should any of said emails lead you to potentially sharing more personal info, login info, or bank information.
“Right now, we are working with the relevant authorities to further investigate this incident,” said Ziv C of OnePlus Security. “We are deeply sorry about this, and are committed to doing everything in our power to prevent further such incidents.” Concerned parties can head over to OnePlus Support and drop down to the bottom of the page where it says “Contact Us” to get in contact with OnePlus.
There’s also a FAQ page on OnePlus you can visit if you’d like to see the way OnePlus is responding to this situation. “We’ve inspected our website thoroughly to ensure that there are no similar security flaws,” says the documentation at OnePlus. “We are continually upgrading our security program – we are partnering with a world-renowned security platform next month, and will launch an official bug bounty program by the end of December.”