A OnePlus has been known to leak sensitive personal account information to its users publicly for a long period of time, and only when the company’s recent security flaw has been mentioned, according to a report from Google’s 9to5, The investigation began, here’s all you need to know about the privacy breach.
– A major security vulnerability has been identified in the application of “Shot on OnePlus” on OnePlus phones.
– The “Shot on OnePlus” application is available on a number of company phones that allows users to upload images to the Internet. The best images are selected by OnePlus and displayed to the public in the application.
– “Shot on OnePlus” application requires the URL, location, and description of the image the user uploaded.
– To use the “Shot on OnePlus” application, users need to sign in with their email.
– OnePlus user’s leaked data includes: name, e-mail address and geographical location.
– All OnePlus phones that carry “Shot on OnePlus” are affected by data theft, where users of this application are at risk.
– Are users who have not used Shot on OnePlus safe? Yes, so it seems so far
– OnePlus data leakage continued through the “Shot on OnePlus” application for at least one year.
– There is a security vulnerability in the “Shot on OnePlus” API where the API is hosted on “open.oneplus.net, which can be accessed by anyone with an access token”
– OnePlus responded to them officially and said it was investigating the reports and was working to fix and ban “edit account information”.