OnePlus recently launched a new vulnerability bounty program called OnePlus Security Response Center (OneSRC) to enhance network security.
OnePlus wants security experts worldwide to participate in the Bug Bounty Program and discover and report potential threats to the OnePlus system.
If you successfully discover a potential threat in the OnePlus system, you will receive rewards ranging from $ 50 to $ 7,000, depending on the potential impact of the threat.
The reward is divided into five levels:
- Special case: up to $ 7,000
- The key: $ 750 to $ 1,500
- Historical high: $ 250 to $ 750
- Mid-range: $ 100 to $ 250
- Lowest: $ 50 to $ 100
OnePlus also works with HackerOne, a well-known hacker-driven security platform, which will allow the company to gain insights from top security researchers, academics and independent experts. The partnership with HackerOne will start as a pilot program and is expected to go live in 2020.
You must report potential threats to the OnePlus official website, or you can report them on the OnePlus Community Forum.
If you are a security expert and would like to participate in the OneSRC Bug Bounty Program, you can view the terms of the full program and standardized forms for reporting security issues here.
It is worth noting that OnePlus said on November 23 it discovered that some users' order information on its online store was accessed by an unauthorized party.
Certain users' name, contact number, email and shipping address may have been exposed and impacted users may receive spam and phishing emails as a result of this incident, the company warned in a forum post.
The incident is similar to a security breach OnePlus suffered in January last year when up to 40,000 users may have been affected in the period mid-November to January 11.
