OnePlus is once again in the headlines, but this time not with its cheap smartphone OnePlus Nord but in the headlines about the new data leak case. The company has accidentally revealed the email IDs of hundreds of customers.
The company sent mails in bulk to select users for a research study. While there is no harm in sending emails, the problem started when the company added the email to the ‘To’ section instead of the ‘BCC’ section. Although how many users were affected due to this mistake, it has not been confirmed at the moment, but Android Police in its report said that the number of exposed email addresses is in hundreds.
The company’s old association with data breach
At the end of last month, OnePlus faced another security challenge when its out-of-warranty repair and advanced exchange invoice system revealed customer details such as name, phone details, email address, IMEI number, and physical address. However, this data breach affected American customers. This defect was immediately corrected after detection. Compared to this breach, the new breach may be called a minor, although frequent such incidents have raised questions over OnePlus’ security system.
Credit card details of about 40 thousand customers were stolen in 2018.
The company confirmed in early 2018 that the credit card details of around 40,000 of its customers had been stolen. The company stated the reason for the malicious code on the payment page of the site. He said the theft occurred over the course of two months, which began in November 2017.
The company had temporarily disabled credit card payments, advising affected customers to monitor their bank statements during this period. The company then offered free credit reporting to the affected customers for a year.
OnePlus was a victim of hacking in November 2019
Another data breach occurred last November when OnePlus was the victim of a hacking incident that revealed customers’ names, email addresses and shipping addresses. However, this time also the company came and told its customers that their payment data and passwords have not been exposed or accessed by the third party.