OnePlus makes smartphones killer, but it is often questionable about its security. The company found a serious security issue that exposed credit card information last year, and now another security issue in the OnePlus Store is forcing the company to send out a “Security Notification.”
An email sent to recent OnePlus buyers today is revealing a security issue to them. This OnePlus “Security Notification” alerts customers that from the online store of the company, an “unauthorized party” was able to access order information.
OnePlus claims payment information and account details were not accessed, but “may” have been exposed to names, addresses, emails and phone numbers. The company says it is going to continue investigating the matter, but this is clearly not a small issue.
Speaking to Droid-Life, OnePlus says they’ve taken “immediate steps to stop the intruder and reinforce security,” and they’re currently “working with the relevant authorities to further investigate this incident.” OnePlus didn’t explain what went wrong, but apparently they’re working on starting a bug bounty program by the end of this year.
This is not the first time that the store of the company has fallen victim to such a security issue. OnePlus customers found evidence of credit card fraud from the store at the beginning of 2018, which caused OnePlus to temporarily shut down credit card payments. Just one day later, the investigation into the matter by OnePlus revealed that 40,000 numbers of credit card payments had been exposed.
The full email sent to customers is below, but we hope this is the last security breach like this for the sake of OnePlus. OnePlus also has a more comprehensive thread on its forums.