One Plue Breach – November 2019

Less than 3000 one-plus smartphone users were claimed to be affected by a recent one-plus data breach. One-plus is known to have had previous data breaches. Customers are advised to change their password. Data leaked involves name, address, email. The nature of data revealed maybe used for impersonation and indirect access to other accounts.

Recently, in 2018, one-plus faced a data security breach that affected 40,000+ customers

What Can You Learn ?

The above attack used various loopholes at various stages and we can list a few mitigation steps from it. 

  • Testing frequent test (daily,quaterly) can help keep bugs in check along with malicious access and intent red flag alerts
  • Third Party Security measures to make sure any vulnerability doesn’t affect one’s own customers
  • PII regulations within the company for careful distribution of PII. Collection of PII only restricted to only when absolutely necessary
  • Third Party Risk Assessment Modern tools enable one to understand the threat landscape arising from their vendors

References

https://telecom.economictimes.indiatimes.com/news/oneplus-data-breach-indias-cybersecurity-agency-says-around-3000-oneplus-users-data-exposed/72246434

https://yourstory.com/2019/11/oneplus-data-breach-affected-customers

https://www.theverge.com/2019/11/22/20978455/oneplus-discloses-data-breach-names-numbers-emails-addresses-exposed

Leave a Reply

Your email address will not be published. Required fields are marked *

13 + 7 =