OnePlus was a victim of a data breach just this past week, where names, emails, addresses, among other such valuable data points of its customers were left exposed. Now, the Indian Computer Emergency Response Team (CERT-In) has revealed that less than 3,000 Indian customers of OnePlus have been affected by this hack.
In the notification issued by CERT-In, the agency highlights all the data points that were targeted by an unauthorized party. "Data regarding users of OnePlus online store such as contact numbers, names, email addresses, users order information, and shipping addresses are reported to have been exposed," the notification reads.
OnePlus had earlier clarified that the data breach didn't expose payment information and passwords. Having said that, CERT-In advises all users to change their OnePlus account passwords. Moreover, the agency has asked customers to be alert of spam or phishing emails that might land up in their inbox after the data breach.
It is also advisable not to click on outbound links and download attachments from an unsolicited email, as it risks doing further damage to the customer.
OnePlus says, "We took immediate steps to stop the intruder and reinforce security. Right now, we are working with the relevant authorities to investigate this incident further and protect your data."
The company has notified affected users about the data breach via email, so if you haven't got one, it means your data wasn't acquired during the breach. However, it's better to be safe than sorry and change your password as recommended by CERT-In.
OnePlus has also announced that it is going to launch a bug bounty program by the end of December 2019 and is partnering with a "world-renowned security platform."