OnePlus exposes customer information in email thread mishap

OnePlus has made an embarrassing privacy mistake.

The China-based smartphone manufacturer launched a massive email for a research study, but the company forgot to BCC everyone involved and instead, it was one long chain giving access to more than two hundred of its customers’ email addresses.

One of the recipients of the message confirmed to Android Police that 271 email addresses were included.

According to AP, the email was sent to people that signed up for a UX survey offered by OnePlus after its ‘10.5.11 update.’ Hopefully, the people in the thread get nothing more than angry replies to OnePlus.

This would be almost amusing if it were the only recent mishap. However, OnePlus recently suffered from another security flaw.

Earlier in July, the company fixed a security vulnerability that exposed customer details, including phone model, IMEI, order date, name, address, phone number and more.

That said, OnePlus says it found “no evidence of purposeful attempts to access” data through the vulnerability.

Source: Android Police