SUMMARY
The official advisory asked OnePlus users to change their account passwords
It also urged users not to open attachments and suggested not to click on any URL links
The security breach leaked information such as user names, mobile numbers and addresses
The question about the extent of the OnePlus security breach on Indian users has been answered — CERT-In, India’s cybersecurity agency released an advisory for OnePlus customers in India on Tuesday (November 26). The advisory claimed that less than 3K Indian customers were exposed in the recent security breach.
As a precautionary measure, the OnePlus users were advised to change their account passwords with a strong password. However, OnePlus had claimed on Nov 22 that password data was not accessed.
The cybersecurity body further stated that the users may receive spam and phishing emails as a result of this incident and it has asked the users to stay alert against these kinds of spam mails. Also, it has urged users not to open attachments and suggested not to click on a URL links contained in a spam email, even if the link seems agreeable. The severity of this breach was rated as “medium.”
According to Counterpoint Research, OnePlus has 35% of the premium smartphone market share in India. With the premium segment contributing around 5% of the market by volume for the quarter, OnePlus has led this segment for two consecutive quarters. The brand is considered as the choice for Indian smartphone consumers moving to the premium category.
Inc42 reached out to OnePlus to find out more about the recent security breach. The company is yet to revert to our queries.
As per OnePlus’s statement, the company discovered that some of its users’ order information was accessed by an unauthorised party during a system check. The company claimed to have sent emails to the impacted users. However, the company said in the statement that the users’ email address, name, personal number, shipping details were being exposed.
Furthermore, OnePlus said that those who have not received and email from OnePlus team are safe from the data breach. Also, it said that it has taken immediate measures to stop further intrusions and reinforce security, and the Chinese smartphone maker said it will be working with the relevant cybersecurity agencies to investigate the matter.
In January 2018, OnePlus users were affected by a security breach, where 40K smartphone users’ credit card details were exposed.
