Know what's in for you in One Plus's leaking data scandal

June 18, 2019:

Chinese smartphone brand OnePlus has been reportedly leaking data of OnePlus phone users for years.

According to a report by 9to5 Google, OnePlus has been ‘unknowingly’ leaking crucial personal information of its users publicly for quite a considerable amount of time and it is only when the major security flaw was pointed out to the company recently that it has started to investigate. Here is everything you must know about this breach in privacy.

A major security flaw has been discovered in the 'Shot on OnePlus’ app present in OnePlus phones.

The ‘Shot on OnePlus’ app is there under the ‘Wallpapers’ menu. The app is meant for users to upload photos. The best photos are selected by OnePlus and is showcased publicly in the app

The ‘Shot on OnePlus’ app asks for title, location and description of the photo uploaded by the user

To use the ‘Shot on OnePlus’ app, users need to sign-in with their email ID

OnePlus user data that has been leaked: Name, e-mail ID and location

All OnePlus phones with ‘Shot on OnePlus’ affected by the data leak. Data of users of this app are at risk

Are users who did not use 'Shot on OnePlus' app safe? Yes, that's how it appears so far

The OnePlus data leak via the ‘Shot on OnePlus’ app has been going on for at least a year

The security flaw is in the API of the “Shot on OnePlus’ app. The API is hosted on “open.oneplus.net which can be accessed by anyone with access token”

OnePlus has officially responded to it and has said that it is investigating the reports

OnePlus is working on a fix and have blocked “modifying account information”

Source Link