OnePlus Announces Bug Bounty Program With Rewards Up To $7,000
OnePlus has been in the news recently for all the wrong reasons. This past month, the company experienced its second major security breach in two years, resulting in the leak of personal details like customer name, email address, physical address, and phone number. In an effort to get a handle on its security shortcomings, OnePlus has announced a new bug bounty program called the OnePlus Security Response Center.
This particular bounty is being run by OnePlus, and is open to both academic institutions and security professionals. OnePlus is hoping that participants in the program will "proactively search for and report" on security issues and threats that affect its products and systems, including its OxygenOS fork of Android. According to the company, it will be offering rewards of between $50 to $7,000 depending on the severity of the bug found.
For those that are interested in finding bugs under the OnePlus Security Response Center, you can submit a report via OnePlus' website.
"OnePlus truly values the privacy of all information our customers entrust to us," said OnePlus CEO Pete Lau. "The two projects demonstrate OnePlus' commitment to protect our users' data through more secure systems and data lifecycles."
In other related news, the company also announced a new security partnership with HackerOne. "The collaboration with HackerOne will enable us to gain insight from top security researchers, academic scholars and independent experts to better uncover potential threats to our systems," writes the OnePlus security team. "The HackerOne collaboration will start as a pilot program, inviting select researchers to test out OnePlus’ systems against potential threats."
According to OnePlus, a public version of the HackerOne program will go live in late 2020.