A security vulnerability in OnePlus' out-of-warranty repair and advance exchange invoicing system has been fixed. The vulnerability, which was discovered on June 30th, exposed customer details including full names, phone numbers, email addresses, IMEI numbers, and physical addresses. The system affected is run by a third-party vendor and is only used by US customers. Android Police disclosed details of the vulnerability to OnePlus after receiving a tip from a reader, and OnePlus does not believe it was ever actively exploited.

Read More