In this article we will focus on oneplus hackeronepeters theverge. In this article you will familiar with the word Bug Bounty Program and will also gain knowledge about the data breach. So if you are interested in this lets start without getting late.
In December 2019 Oneplus finally announced its bug bounty program in the result of second data breach. Two years back one plus promised their users that they will secure the users data and will launch the bug bounty program. After two years later in 2019 they finally announced that its bug bounty program is now live.
Before going to explore further lets first talk about the related terms which are going to use in this article such as one plus, data breach, and bug bounty. If you are familiar with these terms skip to the next heading.
One plus: A company that manufactures smartphones and other electronic devices. The company has established a strong presence in the market by consistently delivering innovative features and staying up-to-date with the latest technology trends.
Data breach: A data breach refers to an unauthorized access or release of sensitive, confidential, or protected information from an organization’s systems or databases. It occurs when data that is meant to be secure and private is exposed to unauthorized individuals or entities. Data breaches can happen due to various reasons, including cyberattacks, hacking, insider threats, human error, or physical theft of hardware containing sensitive data.
Bug bounty program: A bug bounty program is a platform or initiative that organizations and companies set up to encourage individuals or researchers to identify and report security vulnerabilities or bugs in their software, websites, or digital infrastructure. These programs are designed to leverage the collective knowledge and skills of the wider security community to help identify and fix potential weaknesses.
A popular and known platform oneplus used in this process were Hackerone, oneplus hackeronepeters theverge.
Partnership of oneplus with hackerone
In November 2019 oneplus made an announcement regarding its plan to collaborate with a renowned security platform. At that time of announcement oneplus also clarified to the users that the public version of the bug bounty program will come in 2020.
Consequences of data breach
During the breach, OnePlus confirmed that certain customer information, including names, contact numbers, emails, and shipping addresses, may have been exposed. However, OnePlus assured that sensitive data such as payment details and account information remained secure and unaffected by the breach.
The exact number of affected customers was not disclosed by the company. However, back in January 2018, OnePlus had previously acknowledged a security breach that impacted approximately 40,000 customers. During that incident, unauthorized access led to the theft of customers’ credit card information.
You can earn up to $7,000 for submitting a bug
As we mentioned above that bug bounty program is an initiative that company setup to encourage individual to identify and report security vulnerabilities or bugs in their software, websites, or digital infrastructure. So oneplus encourage users that whenever they detect any bugs they should report to the oneplus. In the response of this, the individual will receive a financial compensation.
For this bug bounty program oneplus divided the reward in several categories including special cases, critical, high, medium, and low. They specified different range of amount for the different categories of reports.
For special cases, the maximum reward offered is up to $7000, indicating that OnePlus recognizes the significance of these exceptional cases and is willing to provide a higher compensation for them.
For critical issues, the reward range is specified as $750 to $1500, implying that vulnerabilities or bugs falling under this category have a substantial impact on the security of OnePlus’ software, websites, or digital infrastructure.
The high category offers a range of $250 to $750, suggesting that issues in this category have a significant impact but are not considered as severe as critical cases. While for medium and low the amount decreases to $100-$250 and $50-$100 respectively.
In conclusion of oneplus hackeronepeters theverge, OnePlus took a significant step in prioritizing user data security by introducing its bug bounty program after a data breach in 2019. Collaborating with HackerOne, OnePlus aimed to leverage the expertise of the security community to identify and rectify vulnerabilities. The breach exposed certain customer information, but sensitive data like payment details remained unaffected. The bug bounty program incentivized individuals to report bugs, with rewards ranging from $50 to $7,000 based on the severity of the vulnerability. This initiative demonstrates OnePlus’ commitment to addressing security concerns and ensuring a safer digital environment for its users.