SUMMARY
Users’ names, mobile numbers, addresses exposed in major hack
The company claims payment information and passwords were not leaked
This is the second major security incident for OnePlus in the last two years
Chinese smartphone maker OnePlus on Friday (November 22) in a statement announced a security breach that affected some of its users, including India and other countries. While OnePlus said payment information, password and account logins were safe, it wasn’t all good news as users’ name, mobile numbers, email addresses and shipping address given to OnePlus when purchasing a phone “may have been exposed.”
As the company is one of the leading premium segment smartphone brands in India, the question naturally arises how many users in India were affected?
In India, OnePlus was said to have 35% of the premium segment market share, according to Counterpoint Research. It has led this segment for two consecutive quarters, with the premium segment contributing just 5% of the market by volume for the quarter.
Despite the small market size in the premium segment, OnePlus grew fastest in terms of adoption than any other brand, which indicates that it’s the brand of choice for Indian smartphone consumers moving to the premium segment. However, it is hard to estimate the actual number of OnePlus users in the country.
Inc42 reached out to OnePlus to find out more about the breach and how many Indian users were affected. The company did not respond to our queries till the time of publishing. We would be updating the article as soon as a statement or comment comes in.
OnePlus said on monitoring its systems it discovered that some of its users’ order information was accessed by an unauthorised party. It didn’t say which parties accessed the data or indeed how many users were affected.
In a statement to ET, OnePlus India general manager Vikas Agarwal said the Chinese company is in the process of shifting its data to Amazon Web Services India servers from Singapore. Agarwal did not elaborate on how many Indian users were affected and if Indian authorities had been informed about the breach.
In its statement, OnePlus simply said “Impacted users may receive spam and phishing emails as a result of this incident” without really addressing the concerns about home addresses and personal mobile numbers being leaked.
OnePlus said it users via email about the breach; It added that those users who haven’t received an email from the OnePlus team were safe from the breach.
The company also said that it has taken immediate measures to stop further intrusions and reinforce security. The Chinese smartphone maker said it is working with the relevant agencies to investigate this matter.
This is not the first time OnePlus users were affected by a breach; In a similar incident in January 2018, up to 40K OnePlus smartphone users were affected by a security breach, where the users’ credit card details were exposed.
In India, OnePlus had announced its commitment to invest INR 1000 Cr for the next three years in the country, focusing on the research and development work. Last year, it launched its research and development facility in Hyderabad, where the company revealed to work on developing India-specific software features for the company’s OxygenOS Android UI, alongside its other applications, design and development, 5G, and developing artificial intelligence and machine learning products.phone
