29 July 2020
OnePlus appears to have made a very foolish mistake while sending an email to its hundreds of customers. It has come to notice that OnePlus accidentally and in a very plain way exposed the email IDs of its customers while sending a mail to people signed up for a UX survey. This accident has made available the email IDs of all the participants available to just everyone indulged in this survey.
As AndroidPolice points out, someone appointed at OnePlus to conduct this job appears to have just forgotten to use the BCC while sending emails to all the partakers of the survey. This sickening incidence might have made several users angry and concerned at the same time because this is not acceptable in any way.
Surveys come with a promise of keeping your credentials or any given information anonymous but here the very basic requirement of the survey which is an email ID got leaked in its plainest way possible. These email IDs are not hidden and available to just anyone who participated in the survey.
As noted, OnePlus conducted a survey after the rollout of OxygenOS 10.5.11 this month. It is unknown exactly how many email IDs got available in plain sight but a user who was included in the mass mailer says “hundreds” of email addresses are present.
The consequences of this leak could be dangerous and may become a part of social engineering from where it can be used for unfair means. Such mistakes from a huge brand like OnePlus are just intolerable and should not be ignored as an exception.
OnePlus should come up and speak on this gaffe it made.