CERT-In, India’s nodal agency for cybersecurity, late on Tuesday issued an advisory for OnePlus smartphone users to change their account passwords. In its advisory, the agency said “less than 3,000 Indian customers” orders were exposed during the recent global system breach.
“The kind of information exposed such as name, address, email can be abused to impersonate as the victim and gain access to other accounts. Even though OnePlus has claimed that password data was not accessed, users are still advised to change their passwords with a strong password," the cybersecurity agency said in its advisory with 'medium' severity rating.
In its advisory, the agency said One-Plus clarified that no payment card, bank account detail or password was breached and has stated that all affected users have been notified by email. A query sent to OnePlus remained unanswered till press time. OnePlus, however, on Monday said it was working with authorities to further investigate the system breach.
CERT-In informed users of OnePlus smartphones in India that may receive spam and phishing emails as a result of this incident, thereby "they need to stay alert against these kinds of mails."