ENGLISH

Smartphone maker OnePlus discloses data breach

207

By Catalin Cimpanu

for Zero Day

| November 22, 2019 — 21:17 GMT (21:17 GMT)

| Topic: Security

Smartphone maker OnePlus disclosed today a security breach that impacted users of its online store.

The breach ocurred last week and was discovered right away, according to a FAQ page published earlier today.

OnePlus says hackers gained access to past customer orders. Exposed information included details like customer names, contact numbers, emails, and shipping addresses, but not passwords or financial details, the company said.

OnePlus believes the hacker’s entry point was a vulnerability in its website, but did not provide any additional details.

“We’ve inspected our website thoroughly to ensure that there are no similar security flaws,” the company said.

“Before making this public, we informed our impacted users by email. Right now, we are working with the relevant authorities to further investigate this incident,” a member of the OnePlus security team said today in a forum post, separate from the FAQ.

As a result of the breach, OnePlus said it is partnering with “a world-renowned security platform next month, and will launch an official bug bounty program by the end of December.”

This is the second security breach in the smartphone vendor’s short history. It suffered a similar one in January 2018, when attackers gained access to the data of around 40,000 users.

OnePlus’ breach comes after yesterday US telco provider T-Mobile disclosed a similar security breach impacting a small number of accounts.

Security

Chrome, Edge, Safari hacked at elite Chinese hacking contest

Thousands of hacked Disney+ accounts are already for sale on hacking forums

Cybersecurity is heading into a recruitment crisis: Here’s how we fix the problem

Fixing data leaks in Jira (ZDNet YouTube)

Best home security of 2019: Professional monitoring and DIY (CNET)

How to control location tracking on your iPhone in iOS 13 (TechRepublic)

Security

Related Topics: