OnePlus-Oppo and Realme Data Breach: LeakBase Publishes SQL Database of Thailand Users

In a concerning development for smartphone users in Thailand, the databases of several popular Chinese mobile brands have been leaked on a hacker forum by LeakBase. If reports are to be believed, OnePlus-Oppo and Realme Data Breach has impacted the several users in Thailand putting them at risk. 

The leaked data includes personal information such as names, email addresses, and physical addresses of users interacting with the companies. 

LeakBase, a popular threat actor that recently targeting 16M user PII records from the Swachhata Platform, has now turned to Chinese smartphone manufacturers.  

According to a post on dark web forum, the databases of three leading mobile phone brands, OnePlus, Realme, and Oppo have been on sale on a hacker’s forum.  

While it is not yet clear how the hackers accessed the data, the fact that it has been put up for sale raises serious concerns about the security of user data. 

OnePlus-Oppo and Realme Data Breach

The Cyber Express has contacted the affected companies regarding the data breach but is yet to receive a response.

The leak of personal data raises serious concerns about the safety and privacy of users.

Such data breaches can potentially result in identity theft, financial fraud, and other forms of cybercrime. Companies must take the necessary measures to secure their users’ data and prevent such breaches from occurring in the future. 

In light of this incident, users of these brands are advised to take precautionary measures to safeguard their personal information. This may include changing their passwords, enabling two-factor authentication, and monitoring their financial transactions for suspicious activity. 

The Cyber Express team also urges the affected companies to come forward with information about the breach and take necessary steps to secure their databases. As technology advances, companies must prioritize the security of their users’ data to avoid such incidents in the future. 

OnePlus-Oppo and Realme data breach, Chinese smartphones and weak security  

Know Your Mobile’s 2021 report revealed that Xiaomi, a popular Chinese smartphone manufacturer, was caught siphoning data from its handsets and sending it back to its servers in China.  

Independent researchers discovered that a behavioral analytics company poured over the collected data. This revelation raised concerns about the security and privacy of users’ data, especially given the popularity of Xiaomi phones.  

Despite being caught, Xiaomi was initially reluctant to make changes, arguing that wanting to understand its users better was not a bad thing. This highlights the issue that Xiaomi does not necessarily share users’ views on protecting their data, and if someone uses their phones, they become fair game. 

There have been concerns about the security of Chinese smartphones, which are generally known for being affordable and feature-packed.  

Experts have suggested how these phones are designed and manufactured might contribute to their weaker security. Many Chinese smartphone manufacturers have close ties to the Chinese government, raising concerns about backdoors or other security vulnerabilities. 

Additionally, some Chinese smartphones come with pre-installed apps that can collect data without the user’s knowledge or consent. It is essential for consumers to carefully research and evaluate the security features of any smartphone they intend to buy, regardless of the brand or country of origin. 

 According to Ars Technica’s 2021 report, The Lithuanian National Cyber Security Centre (NCSC) recently conducted a security assessment of three Chinese-made smartphones, including Huawei’s P40 5G, Xiaomi’s Mi 10T 5G, and OnePlus’ 8T 5G.  

The NCSC found that the Xiaomi phone contained software modules that leaked data to Chinese authorities and censored media related to sensitive topics. In contrast, the Huawei phone replaced the standard Google Play application store with potentially malicious third-party substitutes.  

As a result of this audit, Ars Technica did not provide direct links to these phones, even though they are available on e-commerce sites like Amazon and Walmart.com for US shoppers interested in buying them.