Shulou(Shulou.com)06/01 Report--

Chinese smartphone maker Yijia, also known as OnePlus, has been revealed that user order information has been leaked, and the root of the problem is a loophole in the mall's website, according to the SINE Security Monitoring Center. After the domestic website security company notified the mobile phone manufacturer to start, the loophole began to be exposed, and the affected users have received e-mail notifications and text message notifications.

Just last week, the company discovered loopholes in customers' unauthorized access to order information, including their names and contact numbers, as well as e-mails and shipping addresses, according to information released by one plus mobile phone makers. When one plus phones securely tested their website system last week, their website security team found that some user order information could be accessed without authorization. The company said that not all users were affected.

The attacker cannot access any payment information, passwords, and other accounts. Affected users may receive spam and phishing emails, and due to this security incident, coupled with the disclosure of user data, OnePlus did not provide any details of the attacker's exploitation of the vulnerability. However, the server and website code for comprehensive security testing and security reinforcement to ensure that there are no other website vulnerabilities.

The company immediately took security measures to stop the attackers and strengthen the security of the website. To ensure the information security of users, at present, one plus company cooperates with relevant departments to further investigate this security incident. After the disclosure of user information, the businessman finally decided to launch an official website vulnerability reward program. Allow security personnel and white hats to conduct penetration testing and explore website vulnerabilities. Yiga is constantly upgrading our security system and is cooperating with well-known website security companies in China. One plus company said that although the vulnerability of the website does not involve your one plus account password, it is still recommended that you change the password of your account. Affected customers should also be on guard against phishing emails, which is usually the next step for attackers, who try to induce users to divulge their passwords and credit card information.

Strengthening the security of the website can ensure that users' information is not leaked. Only when the website is secure, can we better serve customers. More and more mobile phone manufacturers and website operators pay attention to the information security of users. Preventing disclosure is the top priority of the website at present. If your website also has user information leakage, you can find a professional website security company to deal with it. Domestic recommendation SINE security, Qiming Star, Green Alliance. Strengthen the security of the website, repair the vulnerabilities in the source code of the website, test the penetration of the website, and secure the server as a whole.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.