OnePlus accused of collecting data through clipboard app

The app featured a list of keywords along with a method to identify bank accounts.

| Updated on: Jan 27 2018, 16:08 IST
OnePlus says the code is inactive in markets outside China.
OnePlus says the code is inactive in markets outside China. (REUTERS)
OnePlus says the code is inactive in markets outside China.
OnePlus says the code is inactive in markets outside China. (REUTERS)

A French security researcher on Friday reported spotting a strange file called "badwords.text" in the OnePlus clipboard application that featured various keywords, indicating the company was sending identifiable data to its servers in China.

Elliot Alderson's discovery was considered as another privacy breach as the data was being sent to a company called TeddyMobile. The data was allegedly being transmitted without users' permission.

The file called "badwords.text" included keywords such as Chairman, Vice President, Deputy Director, Associate Professor, Deputy Heads, General, Private Message, shipping, Address and email among others. The file also included a method to trace bank accounts.

OnePlus, however, responded to Elliot's discovery stating the code was exclusively aimed at the Chinese market and that it was inactive in other markets.

"There's been a false claim that the Clipboard app has been sending user data to a server. The code is entirely inactive in the open beta for OxygenOS , our global operating system. No user data is being sent to any server without consent in OxygenOS," said the company.

"In the open beta for HydrogenOS, our operating system for the China market, the identified folder exists in order to filter out what data to not upload. Local data in this folder is skipped over and not sent to any server," it added.

In the crossfire

OnePlus may have managed to avoid another round of negative PR for the Chinese company, but it's not the first time it has come under scanner over the privacy issues.

Last week, the Chinese handset company confirmed that nearly 40,000 credit card holders were affected by a major credit card data hack. The breach forced the company to suspend credit card payments for its online store..

In October last year, OnePlus drew major heat from its users after it was discovered that the company was collecting users' data without their consent. After backlash, OnePlus announced it will limit the data it collects and ensure users know what data they are sharing with the company.

Another similar incident occurred in November 2017 when Alderson reported about a backdoor in OnePlus phones that could allow hackers to obtain root access to the devices.

Follow HT Tech for the latest tech news and reviews , also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 27 Jan, 16:08 IST