OnePlus users are appalled by the latest discovery of their email data being leaked via the ‘Shot on OnePlus’ app. This information has been revealed by 9to5Google. The company was notified about this bug in early May this year. OnePlus had responded by rolling out a fix for the same but the issue still persisted. In fact, a report suggests that this is not a newborn issue and that the leaks have been taking place ever since the app was initially launched. This is shocking because the ‘Shot on OnePlus’ app is easily a couple of years old.
The Shot on OnePlus app is a common platform for people all across the globe to share pictures that can be further used as wallpapers. Like any other app, it requires the users to sign in with their email ids to enable the services.
The API has an unencrypted key for token access that links the app and the OnePlus server. Hence, it grants access to user emails.
Initially, OnePlus remained silent on this topic but now the company has addressed the publication’s allegation. It came out with a statement stating “OnePlus takes security seriously, and investigate all reports we receive.”
While the company has made changes to the API and has fixed the issue, it is still scrutinized for its other security issues. One of these being the backdoor issue in the OxygenOS. It granted access to the company to collect sensitive user data back in 2017 as well.