OnePlus Data Leak Proves You Can Be Breached Again and Again

December 10, 2019

Graphs of various sizes with binary numbers on bottom of screen

It's one thing to get hit by a data breach once. But if it happens a second time? It basically says doing business with your organization is like playing with fire. 

Take OnePlus, for example. On November 22 the Chinese smartphone manufacturer admitted it had been breached—again!—notifying affected customers of the incident by email. 

What Happened with the OnePlus Breach?

OnePlus released a statement confirming hackers gained access to some customers' order data. However, payment information, passwords, and accounts were declared "safe." 

OnePlus explained they became aware of the breach during a system sweep and acknowledges some users' order information was “accessed by a third party. No specific details were given, but it looks like the breach occurred in the OnePlus online store. 

The Prior Breach 

As noted, this isn't the first time OnePlus has been victimized. It suffered a credit card breach in January 2018 when 40,000 customers had their financial information exposed. While the company says it's partnering with a security firm next month, it's clear the growing company has yet to prioritize data security. 

Why It Matters 

Data breaches and subpar cybersecurity are bad for business for multiple reasons: 

  • It erodes the trust of consumers. Customer attrition can spike and prospective customers become especially wary. 
  • Organizations can be found monetarily responsible. Class-action lawsuits and other legal and compliance obligations can prove costly. 
  • Companies that are the victim of a cyberattack are more likely to get hit again. Especially in the months soon after the first breach, as vulnerabilities in defenses require time to shore up and address. 
  • Many companies struggle to attract new business after one attack — let alone two. This goes well beyond acquiring new customers; businesses aren't eager to partner or share data with companies that get breached.

Trust Experience: Arctic Wolf  

Cybersecurity has to be a top priority, but it can seem overwhelming at times. 

Enterprises build a comprehensive defense by establishing an in-house security operations center (SOC) for around-the-clock monitoring, threat detection, and necessary response. Most companies, however, don't have the resources in terms of budget and staff to do this effectively. 

It's that the case for your organization, it's time to partner up. 

The Arctic Wolf SOC-as-a-service with Arctic Wolf™ Managed Detection and Response (MDR) and Managed Risk provides companies with 24/7 monitoring, vulnerability assessment, threat detection and analysis, and incident response. 

Don't wait until the first—let alone the second attack—to get the security your organization needs. 

Arctic Wolf can help you identify if your corporate credentials have been exposed as part of this, and other data breaches, as well as provide insight into what information was harvested as part of the exposure. Learn more about Management Containment.  

And find out additional information about our MDR solution and concierge team of professionals. 



Previous Article
Heart Attacks and Cyberattacks: The leading cause of death just became more deadly
Heart Attacks and Cyberattacks: The leading cause of death just became more deadly

Next Article
SIEM vs. MSSP vs. MDR: An Essential Guide
SIEM vs. MSSP vs. MDR: An Essential Guide

SIEM. MSSP. MDR. Three ways to protect your organization from cyber threats, but which one is the most effe...


Get cybersecurity updates delivered to your inbox.

First Name
Last Name
Yes, I’d like to receive marketing emails from Arctic Wolf about solutions of interest to me.
I agree to the Website Terms of Use and Arctic Wolf Privacy Policy.
Thanks for subscribing!
Error - something went wrong!